www.haibunda.com Open in urlscan Pro
104.18.1.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.haibunda.com/
Submission: On October 13 via manual (October 13th 2021, 4:13:13 am UTC) from AE — Scanned from DE

Summary HTTP 332 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 50 IPs in 8 countries across 41 domains to perform 332 HTTP transactions. The main IP is 104.18.1.84, located in and belongs to CLOUDFLARENET, US. The main domain is www.haibunda.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 6th 2021. Valid for: a year.

This is the only time www.haibunda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.18.1.84 104.18.1.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	103.49.221.172 103.49.221.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
11	203.190.242.172 203.190.242.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
15	104.16.92.18 104.16.92.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	103.49.221.102 103.49.221.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
14	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3 8	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
10 27	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1	18.66.139.116 18.66.139.116	16509 (AMAZON-02) (AMAZON-02)
4	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
1	54.186.64.106 54.186.64.106	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
5	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
30	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7	103.49.221.244 103.49.221.244	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
18	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
22	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	103.49.221.173 103.49.221.173	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
2	142.251.36.195 142.251.36.195	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1 1	172.217.130.70 172.217.130.70	15169 (GOOGLE) (GOOGLE)
2	172.217.130.74 172.217.130.74	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	212.82.100.176 212.82.100.176	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.121.29 13.32.121.29	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	34.248.156.174 34.248.156.174	16509 (AMAZON-02) (AMAZON-02)
1	141.95.34.105 141.95.34.105	16276 (OVH) (OVH)
332	50

15 104.18.1.84 (None, )

ASN13335 (CLOUDFLARENET, US)

www.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 103.49.221.172 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-172-221-49-103.detik.com

cdn.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 203.190.242.172 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com

cdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.16.92.18 (None, )

ASN13335 (CLOUDFLARENET, US)

static.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 103.49.221.102 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-102-221-49-103.detik.com

akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.121.21 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.66 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.116 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.64.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-64-106.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.49.221.244 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-244-221-49-103.detik.com

newrevive.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.49.221.173 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-173-221-49-103.detik.com

connect.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.36.195 (United States)

ASN15169 (GOOGLE, US)
PTR: muc12s12-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.130.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f6.1e100.net

r1---sn-2gb7sn7r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.130.74 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f10.1e100.net

r5---sn-2gb7sn7r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.176 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-29.fra60.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.156.174 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-156-174.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.34.105 (France)

ASN16276 (OVH, FR)
PTR: p34.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	298 KB
53	doubleclick.net 10 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	299 KB
50	haibunda.com www.haibunda.com cdn.haibunda.com	939 KB
36	detik.net.id cdn.detik.net.id akcdn.detik.net.id	709 KB
26	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-2gb7sn7r.c.2mdn.net r5---sn-2gb7sn7r.c.2mdn.net	2 MB
21	google.com fundingchoicesmessages.google.com analytics.google.com adservice.google.com www.google.com	67 KB
20	detik.com cdnstatic.detik.com kayumanis.detik.com Failed newrevive.detik.com connect.detik.com images.detik.com	194 KB
15	vidy.com static.vidy.com api.vidy.com	336 KB
11	eyeota.net 1 redirects ps.eyeota.net	7 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
8	scorecardresearch.com 3 redirects sb.scorecardresearch.com	6 KB
7	adnxs.com 5 redirects ib.adnxs.com	6 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	147 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	google.de www.google.de adservice.google.de	2 KB
3	trustarc.com choices.trustarc.com	15 KB
3	cloudflare.com cdnjs.cloudflare.com	26 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	127 KB
3	googletagservices.com www.googletagservices.com	112 KB
3	facebook.com www.facebook.com	657 B
3	yahoo.com 3 redirects cms.analytics.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	googletagmanager.com www.googletagmanager.com	130 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	684 B
2	teads.tv sync.teads.tv	344 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	facebook.net connect.facebook.net	171 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	taboola.com cdn.taboola.com	142 KB
1	id5-sync.com id5-sync.com	1 KB
1	1rx.io sync.1rx.io	107 B
1	truste.com choices.truste.com	10 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	turn.com 1 redirects d.turn.com	438 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	11 KB
332	41

	Domain	Requested by
35	cdn.haibunda.com	www.haibunda.com cdn.haibunda.com
30	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com googleads.g.doubleclick.net bid.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
27	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net www.haibunda.com 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
27	akcdn.detik.net.id	www.haibunda.com
22	s0.2mdn.net	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com www.haibunda.com s0.2mdn.net
18	tpc.googlesyndication.com	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
15	www.haibunda.com	www.haibunda.com cdn.haibunda.com static.cloudflareinsights.com
13	fundingchoicesmessages.google.com	www.haibunda.com
11	ps.eyeota.net	1 redirects www.haibunda.com ps.eyeota.net
10	images.detik.com	www.haibunda.com
10	securepubads.g.doubleclick.net	www.haibunda.com securepubads.g.doubleclick.net 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
9	cdn.detik.net.id	www.haibunda.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	sb.scorecardresearch.com	3 redirects www.haibunda.com
8	static.vidy.com	www.haibunda.com static.vidy.com
7	api.vidy.com	static.vidy.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	newrevive.detik.com	www.haibunda.com newrevive.detik.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.haibunda.com
6	googleads.g.doubleclick.net	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com www.haibunda.com
5	www.google.com	www.haibunda.com 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com tpc.googlesyndication.com
5	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
3	choices.trustarc.com	choices.truste.com
3	cdnjs.cloudflare.com	s0.2mdn.net
3	pixel.rubiconproject.com	3 redirects
3	fonts.gstatic.com	static.vidy.com fonts.googleapis.com
3	www.googletagservices.com	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
3	www.facebook.com	www.haibunda.com
3	match.adsrvr.org	2 redirects 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
3	www.googletagmanager.com	www.haibunda.com www.googletagmanager.com
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	r5---sn-2gb7sn7r.c.2mdn.net	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com www.haibunda.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com imasdk.googleapis.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.de	www.haibunda.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.haibunda.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync.search.spotxchange.com	1 redirects www.haibunda.com
2	sync.mathtag.com	2 redirects
2	cdn.taboola.com	www.haibunda.com cdn.taboola.com
2	cdnstatic.detik.com	www.haibunda.com
1	id5-sync.com
1	sync.1rx.io
1	ups.analytics.yahoo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	r1---sn-2gb7sn7r.c.2mdn.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	fonts.googleapis.com	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
1	connect.detik.com	cdn.detik.net.id
1	choices.truste.com	6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.haibunda.com
1	certify.alexametrics.com	www.haibunda.com
1	analytics.google.com	www.googletagmanager.com
1	certify-js.alexametrics.com	www.haibunda.com
1	d.turn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	static.cloudflareinsights.com	www.haibunda.com
1	cdn.jsdelivr.net	www.haibunda.com
1	www.gstatic.com	www.haibunda.com
0	kayumanis.detik.com Failed	cdn.detik.net.id
332	68

This site contains links to these domains. Also see Links.

Domain
connect.detik.com
www.facebook.com
twitter.com
www.instagram.com
www.detik.com
www.youtube.com
pasangmata.detik.com
adsmart.detik.com
forum.detik.com
event.detik.com
poin.detikshop.com
www.transsnowworld.com
www.transstudiobandung.com
www.cnnindonesia.com
www.cnbcindonesia.com
www.insertlive.com
www.beautynesia.id
www.femaledaily.com

Subject Issuer	Validity	Valid
*.haibunda.com Thawte RSA CA 2018	`2021-07-06` - `2022-07-29`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2021-01-30` - `2022-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.detik.com Thawte RSA CA 2018	`2020-11-14` - `2021-12-14`	a year	crt.sh
vidy.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-09-28` - `2021-12-07`	2 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.haibunda.com/
Frame ID: AB826BF26B4C02A5D0824E7371139D35
Requests: 191 HTTP requests in this frame

Frame: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D68DED8F38E651482C48A4F42EDD3DC
Requests: 1 HTTP requests in this frame

Frame: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2AB6EA21BEE8FF02AB23D258CECA8433
Requests: 18 HTTP requests in this frame

Frame: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C5BE27EF0A9CAA3A613E1FD0CBF5D6D4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc
Frame ID: 196715FD11D682544EFAA26DF43EFA5E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI
Frame ID: 832A3F98C5657C4F076CC9B1FB7A534F
Requests: 5 HTTP requests in this frame

Frame: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B1BA5F942CABFD62F892127BDE45B42C
Requests: 18 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Frame ID: A31848F73C6DC304E689F2D1A4883FA8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B8491934770110555757A111E21C1937
Requests: 1 HTTP requests in this frame

Frame: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8655CAAA43B205647A525A8463D3794D
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E23DFE0DE2C96C0613468D444862331
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A6BDDED010750B6453F95FAFDD76E0E8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6910844ADD911BB1FF4E5908A0571AA2
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/10774078/1632247683405/index.html
Frame ID: 8184438EDEB96408345F9D9A892277D1
Requests: 7 HTTP requests in this frame

Frame: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Frame ID: 2A9CE5DAE5110F3CB8FF531FDE699BD9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc
Frame ID: 3E4E7BB4F5260906EED49BC26956AD47
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0B53CEB163FC8D2820630EE4E1CB037
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D9BFAB257FA4E1F2A2C44BDE12A8BAB
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
Frame ID: 7F0BBAF90F86FF40FD0CAE022133F608
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C42F55B9A65BC36913F0A2AD925E2ABD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A46D7D582311D8F2305EF0F2CDFF079A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FFEB0DEAC31B2C7592E8902B5A14B343
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 74C8D5E949D9410F871BEB1009DA395B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2988D53D0D39A3F6C9BA5A549EBA83AD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Informasi Terkini Kehamilan, Parenting, dan Mom Life - Haibunda.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

332
Requests

99 %
HTTPS

0 %
IPv6

41
Domains

68
Subdomains

50
IPs

8
Countries

5330 kB
Transfer

10934 kB
Size

47
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.detik.com/oauth/authorize?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://connect.detik.com/accounts/register/option/?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/authorize?clientId=10166&adult=1&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HaiBundacom/

Search URL Search Domain Scan URL

URL: https://twitter.com/haibundacom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haibundacom/

Search URL Search Domain Scan URL

URL: https://www.detik.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/HaiBundacom

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transsnowworld.com/
Title: Trans Snow World

Search URL Search Domain Scan URL

URL: https://www.transstudiobandung.com/
Title: Trans Studio

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/
Title: InsertLive

Search URL Search Domain Scan URL

URL: https://www.beautynesia.id/
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://www.femaledaily.com/
Title: Female Daily

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=

Request Chain 42

https://sb.scorecardresearch.com/cs/8443234/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 50

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=

Request Chain 51

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjR3b2ZJYmJsSFJHNUV5SW5EMWxxeWF0Q2EzLVN2UmZ5Q3ljakt5SkJxUm8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjR3b2ZJYmJsSFJHNUV5SW5EMWxxeWF0Q2EzLVN2UmZ5Q3ljakt5SkJxUm8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEP6Cie8dB39sbFDqFhu18V0&google_cver=1

Request Chain 53

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=1446771b-3d59-4fa4-b9f9-d08e00901569&bid=1e2n4ou

Request Chain 54

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=40946166-5cd0-4400-9aee-dc7e08d77476&referrer_pid=mli4m40

Request Chain 55

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-7EoB9NdE2pU7zRID1lqXHChi3EpvTVcohPQ-~A

Request Chain 56

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40 HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3294253373894634933&newuser=1&referrer_pid=mli4m40

Request Chain 59

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=dd1e97c8-2bdb-11ec-9baa-1384e0ef0306

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWZc0YWH8DJ.LJEzcaHH3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWZc0YWH8DJ.LJEzcaHH3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

Request Chain 249

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/682602B3C89AE74BFCD534D940E67A2E6ABDD41F.51BACC8B5FFAB83AB41BD333FD48BB560518A19A/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60C08DCE9FAF8E212EACDF6758C7189F97729619.7A95F7FA220FB4AD8364B68D2000E7B5356364C0/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634098356/mv/m/mvi/1/pl/24/file/file.mp4 HTTP 302
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60C08DCE9FAF8E212EACDF6758C7189F97729619.7A95F7FA220FB4AD8364B68D2000E7B5356364C0/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634098356/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4

Request Chain 250

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJjV4u0jaRxk6rYwt6oN2wE&google_cver=1&google_push=AYg5qPLxkqtz91c4Ks5gGXTQgKpVMqDzP41ApX2Wp-egamNnnhUurA_6WxsQhjCywuY-t1RcjhKaljAQyQKaeeGdLxFuEaUN-Z6W HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJjV4u0jaRxk6rYwt6oN2wE&google_cver=1&google_push=AYg5qPLxkqtz91c4Ks5gGXTQgKpVMqDzP41ApX2Wp-egamNnnhUurA_6WxsQhjCywuY-t1RcjhKaljAQyQKaeeGdLxFuEaUN-Z6W&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxkqtz91c4Ks5gGXTQgKpVMqDzP41ApX2Wp-egamNnnhUurA_6WxsQhjCywuY-t1RcjhKaljAQyQKaeeGdLxFuEaUN-Z6W

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1bWY6Blw_JO2yrQM_8Pj7kVtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLV1gtSS1EVFpZ&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1bWY6Blw_JO2yrQM_8Pj7kVtg

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1

Request Chain 254

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM0Y2Q3YmQtYWM1Ni0yZTBjLWNmMGQtNGM3NGIyZDY5NzJi

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIUXTImHm5cuHnIYk569DlA&google_cver=1

Request Chain 271

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEClRFEHYs-Tb-dJuQLU1fEg&google_cver=1&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWcBY_nPf_8rIui HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QJRhZlzQRACa7tx-CNd0dg&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWcBY_nPf_8rIui

Request Chain 272

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEVrbz3nZ2oTPLiixLr5wi8&google_cver=1&google_push=AYg5qPLCIEjdG4XeoSSGWt17nCYmV3thY22HKRr60CoOfk4au23krTBn318BS8vz75rvUaX0gG08-e7NyhW4B5Ch6t9LP5EGJDwj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEVrbz3nZ2oTPLiixLr5wi8&google_push=AYg5qPLCIEjdG4XeoSSGWt17nCYmV3thY22HKRr60CoOfk4au23krTBn318BS8vz75rvUaX0gG08-e7NyhW4B5Ch6t9LP5EGJDwj

Request Chain 274

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHWFYM8jQ_56rgiXx3G620&google_cver=1&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjqvvA1Zlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjqvvA1Zlw&google_hm=MTM4ODk0MTYzODYxMjYwNjAxNg%3D%3D

Request Chain 276

https://match.360yield.com/match/ebda?google_gid=CAESEOKCXrkAsfeKpUGtEWIiwqQ&google_cver=1&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOKCXrkAsfeKpUGtEWIiwqQ&google_cver=1&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ

Request Chain 277

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELfb33iyDdWP0UyrbWduJs8&google_cver=1&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ55ukZI0Yi8XR2kpAncxICk_KuH0EXIvjHrg9gnmwOLW-l_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IcU15dnUxRTJ1Rkt0anBZUlg3bmFBMDY1aVVPVXFSZn5B&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ55ukZI0Yi8XR2kpAncxICk_KuH0EXIvjHrg9gnmwOLW-l_o

Request Chain 281

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJjV4u0jaRxk6rYwt6oN2wE&google_cver=1&google_push=AYg5qPIyFbw382Kd3vzPyY2R3e0ewjCp83qb-DZyRf5zdvDxIFDxqmquQQcpFt1A7bOEUCGRVKc3ME8gb7STDDz8eiSKq8RCUhKW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIyFbw382Kd3vzPyY2R3e0ewjCp83qb-DZyRf5zdvDxIFDxqmquQQcpFt1A7bOEUCGRVKc3ME8gb7STDDz8eiSKq8RCUhKW

Request Chain 282

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk7jYsRJpCsZDtuujnbVDY1oU8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLWjQtRy03SkUz&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk7jYsRJpCsZDtuujnbVDY1oU8

Request Chain 303

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJjV4u0jaRxk6rYwt6oN2wE&google_cver=1&google_push=AYg5qPL6T6PJcr6qoeJP1Vi_xL9ETH_1Fvh8K_aGjTnMQ4Mhi2KJsQoJKCgQKpJPTcKjnSVRBVMKaeyf4HlvAN8kTeUlKyDpJ9Vs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6T6PJcr6qoeJP1Vi_xL9ETH_1Fvh8K_aGjTnMQ4Mhi2KJsQoJKCgQKpJPTcKjnSVRBVMKaeyf4HlvAN8kTeUlKyDpJ9Vs

Request Chain 304

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F7JuL2qLN_CrtbxbkNrpuiUy6- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpMNlYtMVItSUFBVg==&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F7JuL2qLN_CrtbxbkNrpuiUy6-

Request Chain 331

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c77da8f57-512f0000010f5bb0&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17c77da8f57-512f0000010f5bb0&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?bid=6j5b2cv&uid=45031617621248762102642677213817780888&referrer_pid=mli4m40

Request Chain 332

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?uid=YWZc0gAIqBhgmwAR&bid=0rijhbu&referrer_pid=mli4m40

Request Chain 334

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?uid=3177862950431366802&bid=2cr76e1&referrer_pid=mli4m40

332 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.haibunda.com/ 54 KB
15 KB 257ms
219ms Document
text/html 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3e80ea15ded54afac6fd551e08c58b5babdccab07f79fef74cf31e44b490fc1

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:method: GET
:authority: www.haibunda.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 13 Oct 2021 04:13:03 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'
strict-transport-security: "max-age=31536000; includeSubDomains" always
s: fe-publish2
x-cached: EXPIRED
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69d5bbb1081521bd-DUS
content-encoding: gzip

GET
H2 200 haibunda.wp.style.css
cdn.haibunda.com/css/ 216 KB
27 KB 574ms
187ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 09:36:56 GMT
server: static7
cache-status: HIT
etag: W/"607414b8-35fa2"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda.cb.css
cdn.haibunda.com/css/ 13 KB
3 KB 574ms
188ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 03:14:56 GMT
server: static7
cache-status: HIT
etag: W/"61109db0-3396"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 87 KB
31 KB 544ms
179ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 07:01:24 GMT
server: static7
cache-status: HIT
etag: W/"60bdc444-15d9d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtmdl.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 4 KB
1 KB 543ms
178ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/gtmdl.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88e-e65"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.ads.css
cdn.detik.net.id/commerce/desktop/css/ 9 KB
3 KB 543ms
178ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/desktop/css/detik.ads.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 03:46:21 GMT
server: static7
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5ddf430d-255c"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dtk_commerce.js Show response
cdn.detik.net.id/commerce/commerce/ 2 KB
956 B 544ms
178ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/commerce/dtk_commerce.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

0356c516f36efead47f3474b418ff234ec7fa9a714947e955d4916dc43a1d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Mar 2020 09:00:40 GMT
server: static7
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e748638-623"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 110ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

6d87adf3fc109754ef514d82e3d4567866aae1fef3102b98d4e53ec51de3335e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1014 / 558 of 1000 / last-modified: 1634076306"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27020
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H2 200 portal.dc.js Show response
cdn.detik.net.id/libs/js-itportal/ 1010 B
860 B 543ms
178ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/js-itportal/portal.dc.js?v=1.0

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static7
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e5f7ec3-3f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eyeotadtk.js Show response
cdnstatic.detik.com/live/js/ 312 B
516 B 572ms
190ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/js/eyeotadtk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s2-172-242.190.203.detik.com
Software: static7 /
Resource Hash: 7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
etag: W/"5afd2f42-138"
last-modified: Thu, 17 May 2018 07:29:06 GMT
server: static7
barrier_2: HIT
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed.min.js Show response
static.vidy.com/ 5 KB
3 KB 55ms
19ms Script
application/javascript 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/embed.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151585
age: 5588
x-guploader-uploadid: ADPycduucp1E7RaHqI00UwArDe8EfcmSwzdrsFkFYgo4HS71F6jevOr9EHHE9aSkC9nhqPBTW0tiZow7JQ3494_d-IY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:31 GMT
server: cloudflare
etag: W/"b145d7539e78b5b1784435a21008f41b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=6c3BQg==, md5=sUXXU554tbF4RDWiEAj0Gw==
x-goog-generation: 1632151650900589
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,s-maxage=14400,max-age=1800
x-goog-stored-content-length: 4803
cf-ray: 69d5bbb2c8a1faf6-DUS
expires: Wed, 13 Oct 2021 03:33:41 GMT

GET
H2 200 972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 8 KB
9 KB 643ms
210ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 04:44:40 GMT
server: static1
cache-status: HIT
etag: W/"5d3690b8-211e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login_loader.gif
cdn.haibunda.com/images/ 77 KB
74 KB 198ms
194ms Image
image/gif 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/login_loader.gif?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 09:23:47 GMT
server: static7
cache-status: HIT
etag: W/"5ea947a3-13516"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.png
cdn.haibunda.com/images/ 525 B
854 B 198ms
194ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-20d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb-icon.png
cdn.haibunda.com/images/ 931 B
1 KB 198ms
194ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/fb-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-3a3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter-icon.png
cdn.haibunda.com/images/ 1006 B
1 KB 199ms
195ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/twitter-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-3ee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-icon.png
cdn.haibunda.com/images/ 3 KB
3 KB 379ms
375ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/instagram-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-a20"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
cdn.haibunda.com/images/ 225 B
518 B 379ms
375ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/close.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-e1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 225
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
cdn.haibunda.com/images/ 12 KB
12 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-2f8e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.css
cdn.haibunda.com/css/ 2 KB
1 KB 188ms
188ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/pushnotif.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-858"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico_haibunda.png
cdn.haibunda.com/images/ 2 KB
2 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/ico_haibunda.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-8d2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.js Show response
cdn.haibunda.com/js/ 2 KB
1006 B 191ms
190ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/pushnotif.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 07:05:50 GMT
server: static7
cache-status: HIT
etag: W/"60dac64e-717"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo_haibunda.png
cdn.haibunda.com/images/ 13 KB
12 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo_haibunda.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-3311"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo2.png
cdn.haibunda.com/images/ 7 KB
7 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo2.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-1a35"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_fb.png
cdn.haibunda.com/images/ 2 KB
2 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_fb.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-89e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_tw.png
cdn.haibunda.com/images/ 3 KB
3 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_tw.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-b87"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_ig.png
cdn.haibunda.com/images/ 6 KB
7 KB 379ms
376ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_ig.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-1933"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_yt.png
cdn.haibunda.com/images/ 3 KB
3 KB 379ms
377ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_yt.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static7
cache-status: HIT
etag: W/"5f55db10-b21"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda-wp-js.min.js Show response
cdn.haibunda.com/js/ 118 KB
34 KB 192ms
191ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/haibunda-wp-js.min.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 07:05:50 GMT
server: static7
cache-status: HIT
etag: W/"60dac64e-1d755"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgLiquid-min.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 192ms
191ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/imgLiquid-min.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-13f7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.6/ 294 KB
97 KB 72ms
21ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.6/firebase.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 08:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98890
x-xss-protection: 0
last-modified: Wed, 18 Jan 2017 00:39:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Thu, 06 Oct 2022 08:55:21 GMT

GET
H2 200 firebase.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 199ms
194ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/firebase.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 05:11:48 GMT
server: static7
cache-status: HIT
etag: W/"5df1cc14-14d6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik-vertical.js Show response
cdn.haibunda.com/js/ 1 MB
194 KB 199ms
194ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

e857e1d16831ed7b4062e04ed3b0fe4a4fc19fd08247262f9606af84d427d404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 03:06:45 GMT
server: static7
cache-status: HIT
etag: W/"612856c5-10a778"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 refresh.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 1 KB
716 B 192ms
187ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/refresh.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88e-430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikLiveUserCounterResponse.js Show response
cdn.detik.net.id/libs/livecounter/ 37 KB
10 KB 192ms
187ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=343af093

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 08:01:26 GMT
server: static7
cache-status: HIT
etag: W/"60f7d456-921a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 47ms
21ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2896105
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69d5bbb87e4d2187-DUS

GET
H2 200 callback-revive.js Show response
cdnstatic.detik.com/live/_rmbassets/ 168 B
457 B 189ms
185ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/_rmbassets/callback-revive.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s2-172-242.190.203.detik.com
Software: static7 /
Resource Hash: f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
last-modified: Wed, 28 Apr 2021 07:59:13 GMT
server: static7
barrier_2: MISS
cache-status: HIT
etag: "608915d1-a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
accept-ranges: bytes
barrier_1: Static
barrier_3: HIT
content-length: 168
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 connectdetik Show response
www.haibunda.com/ 262 B
310 B 203ms
198ms Script
application/javascript 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/connectdetik?fn=onLoginClient

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:path: /connectdetik?fn=onLoginClient
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-cached: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/javascript
s: fe-publish4
cf-ray: 69d5bbb85fad21bd-DUS
x-xss-protection: '1;mode=block'

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 63ms
31ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69d5bbb889812151-DUS

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=

1 KB
2 KB

42ms
41ms

Script
application/javascript

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a78803722296e42908804386f9ed6088e070ee311ad1768fda1e279b5fcecc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:04 GMT
Content-Type: application/javascript
Content-Length: 1210
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Date: Wed, 13 Oct 2021 04:13:04 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
33 KB 84ms
32ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2fbc474ff63f1d794159089435f3852a6402469405ac4b9a5abb99b76a550b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32800
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H2 200 AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0= Show response
fundingchoicesmessages.google.com/f/ 70 KB
26 KB 100ms
48ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

300509d31cf36c8bd9dbac091aea8e57013715a4a7a6bf5153e263182479c399

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kzb2LfLiRy9yoWluLF86XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kzb2LfLiRy9yoWluLF86XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kzb2LfLiRy9yoWluLF86XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kzb2LfLiRy9yoWluLF86XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/detik-haibunda/ 144 KB
23 KB 28ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 880b95d819ddb563bd389dc8e85b00a402a2def535d9e5fd23f333e06464da5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: t7T4RHvmnFZcbLVoE0_QV8gUFax7qZ2s
content-encoding: gzip
etag: "f38bd3de6c8d75af9c30b2b9609cd3bf"
age: 115
x-cache: HIT
content-length: 23501
x-amz-id-2: VBvK3s3ECsoJsIiBMAdkHBLv20uw4n2nPLlnOJhFoV2casg5wKMR0etEYEJGTqbmkdujoM3MTow=
x-served-by: cache-hhn4046-HHN
last-modified: Mon, 11 Oct 2021 09:23:09 GMT
server: AmazonS3
x-timer: S1634098385.711470,VS0,VE1
date: Wed, 13 Oct 2021 04:13:04 GMT
vary: Accept-Encoding
x-amz-request-id: Z62HAK14BH4HV3EQ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 1

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/8443234/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:11:09 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 306
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hKrCjpwuwIg1FwrC7kfUW3ovfJV58j1HdW3UvV2uoeEnvU54Bd2HOQ==

Redirect headers

date: Wed, 13 Oct 2021 04:13:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: l73HqIqGIxaTGosXb_7qvf4h6r_GCTvo1on2YP6ACLeAgY8S1C_Tgg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
49 KB 86ms
65ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

21c6ef26a0f322e8d37c1c25f786e456f0f4018de8a9495bc49649428987926f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49984
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H2 200 opensans-semibold.ttf
cdn.haibunda.com/fonts/ 33 KB
33 KB 589ms
204ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-822c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 33324
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-new.png
cdn.haibunda.com/images/ 846 B
1 KB 351ms
348ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-new.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 07:18:08 GMT
server: static7
cache-status: HIT
etag: W/"5e576d30-34e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-regular.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 563ms
204ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-regular.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-ade4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44516
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-btn.png
cdn.haibunda.com/images/ 764 B
1 KB 347ms
347ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-btn.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-2fc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-light.ttf
cdn.haibunda.com/fonts/ 188 KB
188 KB 557ms
204ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-2ee74"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 192116
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 impl.20211011-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 538 KB
119 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211011-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f29c45140020a3dc10efeb14dc914427794e2d1d04a8081a0d3df10b0955713a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 9nGIKcce3_iKOfW2w2cGNnpGpIzwiRhv
content-encoding: br
etag: "a1e5bdbf52e3cabe205e25b1450b8de0"
age: 10926
x-cache: HIT
content-length: 121438
x-amz-id-2: mbtUpAKzjn/+5AcD+rnfqlXJOwdeFj303P9CWS116pN3G3wvDxsU9APIfhqvayb/0mezJt1yOU0=
x-served-by: cache-hhn4046-HHN
last-modified: Mon, 11 Oct 2021 09:10:58 GMT
server: AmazonS3-br
x-timer: S1634098385.749824,VS0,VE0
date: Wed, 13 Oct 2021 04:13:04 GMT
vary: Accept-Encoding
x-amz-request-id: B2BYZXAQVGEQGF4F
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 82
x-cache-hits: 1799

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%...
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C...

64 B
330 B

9ms
9ms

Image
image/gif

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: llZuMiHWJRwOQhtMwkoywZn6ii_UuiV3k-Rh1kft_2zAXcilDwtDqQ==

Redirect headers

date: Wed, 13 Oct 2021 04:13:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384750&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length: 261
x-amz-cf-id: dVYLrZa8ygH-um-zrvLF-GgDWJ77faAfS6sIlHUi-ggKtXunrT63Iw==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenti...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parent...

64 B
329 B

9ms
9ms

Image
image/gif

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: BYVdbeZ2bEiUpucGoicW2AETlLqu1ma9v4BvbW686UApw7yKMmmmzw==

Redirect headers

date: Wed, 13 Oct 2021 04:13:04 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634098384751&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length: 267
x-amz-cf-id: vFwQc_UU9rQMlmuRLugLRwAuCteYBzNC6evaT6zb2U92-JkQVhC39Q==

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjR3b2ZJYmJsSFJHNUV5SW5EMWxxeWF0Q2EzLVN2UmZ5Q3ljakt5SkJxUm8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjR3b2ZJYmJsSFJHNUV5SW5EMWxxeWF0Q2EzLVN2UmZ5Q3ljakt5SkJxUm8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEP6Cie8dB39sbFDqFhu18V0&google_cver=1

70 B
440 B

10ms
9ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEP6Cie8dB39sbFDqFhu18V0&google_cver=1
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:05 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEP6Cie8dB39sbFDqFhu18V0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=1446771b-3d59-4fa4-b9f9-d08e00901569&bid=1e2n4ou

70 B
440 B

9ms
9ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1446771b-3d59-4fa4-b9f9-d08e00901569&bid=1e2n4ou
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:05 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=1446771b-3d59-4fa4-b9f9-d08e00901569&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?bid=7vi0rg0&uid=40946166-5cd0-4400-9aee-dc7e08d77476&referrer_pid=mli4m40

70 B
440 B

10ms
9ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=7vi0rg0&uid=40946166-5cd0-4400-9aee-dc7e08d77476&referrer_pid=mli4m40
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:04 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 13 Oct 2021 04:13:04 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ps.eyeota.net/match?bid=7vi0rg0&uid=40946166-5cd0-4400-9aee-dc7e08d77476&referrer_pid=mli4m40
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Oct 2021 04:13:03 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-7EoB9NdE2pU7zRID1lqXHChi3EpvTVcohPQ-~A

70 B
440 B

15ms
13ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-7EoB9NdE2pU7zRID1lqXHChi3EpvTVcohPQ-~A
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:05 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Wed, 13 Oct 2021 04:13:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-7EoB9NdE2pU7zRID1lqXHChi3EpvTVcohPQ-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3294253373894634933&newuser=1&referrer_pid=mli4m40

70 B
440 B

22ms
11ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3294253373894634933&newuser=1&referrer_pid=mli4m40
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:04 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3294253373894634933&newuser=1&referrer_pid=mli4m40
pragma: no-cache
date: Wed, 13 Oct 2021 04:13:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H3 204 AGSKWxWPr1Lq2lMaJFAS_F3TWRRCxeGU8gKlPXF2APKxVka5uYonvSW1Foy467aU-xebCIXFwhGeqHR016qoT66TgME= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 90ms
39ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPr1Lq2lMaJFAS_F3TWRRCxeGU8gKlPXF2APKxVka5uYonvSW1Foy467aU-xebCIXFwhGeqHR016qoT66TgME=?pvid=235FC0DB-2C64-4E8F-8454-E11F7C623655&anonid=E85A2870-E37E-4F1D-BBD4-C4FF7FCC0C14

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ZGIvLEcGZz8.es5.O/d=1/rs=AJlcJMxdG92HgWtdihCddSLl5t2p7qpF5w/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fPQrcBB7YU3glamRIWdOFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fPQrcBB7YU3glamRIWdOFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fPQrcBB7YU3glamRIWdOFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fPQrcBB7YU3glamRIWdOFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUoypFx5LbJQsSa8uiOSE932p8ojKAJiTIVaXkOQglvX_3rv1anQppWd7hHamAcyXlPfaZmzbyW1IiNxSbBq1s= Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 50ms
49ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUoypFx5LbJQsSa8uiOSE932p8ojKAJiTIVaXkOQglvX_3rv1anQppWd7hHamAcyXlPfaZmzbyW1IiNxSbBq1s=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MDk4Mzg0LDg2MzAwMDAwMF0sIjIzNUZDMERCLTJDNjQtNEU4Ri04NDU0LUUxMUY3QzYyMzY1NSIsIkU4NUEyODcwLUUzN0UtNEYxRC1CQkQ0LUM0RkY3RkNDMEMxNCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ZGIvLEcGZz8.es5.O/d=1/rs=AJlcJMxdG92HgWtdihCddSLl5t2p7qpF5w/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

feec3e8ee2f7d38c22a9993f2adc734216201c9423f1182abfa351f887e7c118

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Jn+FmK8+/Uk0UyarVD2bFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Jn+FmK8+/Uk0UyarVD2bFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Jn+FmK8+/Uk0UyarVD2bFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Jn+FmK8+/Uk0UyarVD2bFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=dd1e97c8-2bdb-11ec-9baa-1384e0ef0306

0
588 B

16ms
14ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=dd1e97c8-2bdb-11ec-9baa-1384e0ef0306
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Wed, 13 Oct 2021 04:13:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Wed, 13 Oct 2021 04:13:04 GMT
Server: nginx
Location: /partner?source=280136&sync_limit=7&__user_check__=1&sync_id=dd1e97c8-2bdb-11ec-9baa-1384e0ef0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 45
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubads_impl_2021100701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 38ms
37ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126551
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 398 B
201 B 68ms
38ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176
x-xss-protection: 0
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 71ms
33ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1b576c0bf0fa27ee3ffcb41fe56c8b6c718f14819cda3e7ae1b300b0b6251ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49517
x-xss-protection: 0
expires: Wed, 13 Oct 2021 04:13:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
26ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 5167
date: Wed, 13 Oct 2021 02:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 04:46:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 44ms
11ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: mRqCdOs+Nsxd3CKUMmcIfIK/PhAhpIxhmjW3Bq8dZoypS2XF45Xux8Nc+8yCRl+EPAvN6HnEfdcupna2vzbFQg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Wed, 13 Oct 2021 04:13:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 59ms
10ms Script
application/javascript 18.66.139.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 14551538
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Cf-Id: zOn2hjujlxzdb_-cLwweZ4Sa3GnB2p_5BxRJ3WftXg4wHC3fYz6L6g==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 8ms
8ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:04:15 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 6575
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: UYvIExVjVg_WrignftM1c34-tTZqcyVzmq1GNaqdKj2vqyhihr2ECg==

POST /
kayumanis.detik.com/api/validation/ 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
165 B 29ms
27ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LW7SH9Y4G8&gtm=2oeab0&_p=1520872178&sr=1600x1200&_gaz=1&ul=en-us&cid=1770791578.1634098385&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sid=1634098384&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
360 B 67ms
23ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LW7SH9Y4G8&cid=1770791578.1634098385&gtm=2oeab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 64ms
25ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LW7SH9Y4G8&cid=1770791578.1634098385&gtm=2oeab0&aip=1&z=1000336913

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 32ms
6ms Image
image/gif 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&time=1634098385080&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.haibunda.com%2F&random_number=543800664&sess_cookie=874efa0717c77da90b745fb6237&sess_cookie_flag=1&user_cookie=874efa0717c77da90b745fb6237&user_cookie_flag=1&dynamic=true&domain=haibunda.com&account=iSYNs1rcy520uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 05:06:47 GMT
Via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 83178
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Lq1J8ZkKKjPVs6AH5_FCpuhkhUS4ETngiZM8oFCFqhrklpdYPprkoA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 548ms
174ms Image
text/plain 54.186.64.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.64.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-64-106.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
server: Server

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
31ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1520872178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&ul=en-us&de=UTF-8&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=140856977&gjid=1121497619&cid=1770791578.1634098385&tid=UA-891770-244&_gid=1303965659.1634098385&_r=1&gtm=2wgab0WGBMBG8&cd1=47&cd6=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&cd16=wp&cd17=desktop&cd19=1.431&cd48=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&z=154825893

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 304159643041671 Show response
connect.facebook.net/signals/config/ 492 KB
144 KB 16ms
8ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d8d2c8b244c540582650d98767dea827869379aca052ef4d7e68b7ae204d0fb7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 147806
x-xss-protection: 0
pragma: public
x-fb-debug: +YfBaGvnZSASzi0nUmUHPyU4dVodc1kKnCLmyZ+P5cv1Rl0M3rbMdTBp/KMIxOBSXvBTHjbJljpKB0WjC6pj2A==
x-frame-options: DENY
date: Wed, 13 Oct 2021 04:13:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
339 B 9ms
8ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1634098385106&ns_c=UTF-8&cv=3.5&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c7=https%3A%2F%2Fwww.haibunda.com%2F&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
via: 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: K7Xe9yYOT2-mTOLHpwIP17KoEtAq72JgJRZDfwNQZeVx5tbkSb1MMA==
x-cache: Miss from cloudfront

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ZGIvLEcGZz8.es5.O/d=1/rs=AJlcJMxdG92HgWtdihCddSLl5t2p7qpF5w/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ahOxWdLemGkj2WoVUwPCSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ahOxWdLemGkj2WoVUwPCSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ahOxWdLemGkj2WoVUwPCSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ahOxWdLemGkj2WoVUwPCSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 110ms
35ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 92ms
32ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
256 B 67ms
66ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=4286004510658173&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cballon_ads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634098385&dt=1634098385167&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3381077581&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2110&msz=1600x0&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

127b27fbf282217a4f9e0b9fce41432832253587d9ff86f4313b4d015f229acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 663ms
662ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=4286004510658173&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cbottomframe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634098385&dt=1634098385175&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=528661791&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d49848a274a3bd57445bdabc97078e9171037caedb343365b9a3413a28e2b770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 376ms
375ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=4286004510658173&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=pos%3Dbillboard&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634098385&dt=1634098385178&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=221&adks=3438090239&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

281c6b2bbf23407c16636e044f2350695d54978dbd8d74cb706d5f9131f5dcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8405
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 236ms
235ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=4286004510658173&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634098385&dt=1634098385181&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=675&adks=2630211830&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0c52f38ae08f56837fbe4789808263e485bfba6b52b35e29396fc721557c168c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11225
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
20 KB 542ms
541ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=4286004510658173&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634098385&dt=1634098385183&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=960&adks=2451876870&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

123d66a40ec08ab8aa36440f044b1f2adfeb2ed2542de1fc9657e8a094c96e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20126
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D68 6 KB
4 KB 98ms
29ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 04:13:05 GMT
expires: Thu, 13 Oct 2022 04:13:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 45ms
20ms XHR
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-891770-244&cid=1770791578.1634098385&jid=140856977&gjid=1121497619&_gid=1303965659.1634098385&_u=YADAAUAAAAAAAC~&z=2034298215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 13 Oct 2021 04:13:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 26ms
9ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634098385262&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634098385260.2098472105&it=1634098385104&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 Oct 2021 04:13:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 26ms
9ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634098385265&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634098385260.2098472105&it=1634098385104&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 Oct 2021 04:13:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 89ms
30ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-891770-244&cid=1770791578.1634098385&jid=140856977&_u=YADAAUAAAAAAAC~&z=1563018701

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
24ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-891770-244&cid=1770791578.1634098385&jid=140856977&_u=YADAAUAAAAAAAC~&z=1563018701

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 100ms
31ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=haibunda.com&host=www.haibunda.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2AB6 6 KB
3 KB 57ms
23ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 04:13:05 GMT
expires: Thu, 13 Oct 2022 04:13:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 api Show response
www.haibunda.com/ 36 KB
9 KB 257ms
257ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0c40b8c9a39d30c74fc7ff8bdad060369a3ad7f006057c6dc64fa2f32c8a5b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: beritautama%2F47
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 11
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: beritautama%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69d5bbbd4c7f21bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 56 KB
12 KB 252ms
251ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

630c7612386d9f639409ea0bb7aee66e122b4f73c15528b25596bd836dbbd5b6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: search
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 34
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: search
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 69d5bbbd5c8821bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 6 KB
2 KB 256ms
255ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94c5c8b3ad3d42a16f7d354e09c0f497c8c9cdd25aff3ad0c8c61abb4180fe7c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: author%2Fkolom
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 28
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: author%2Fkolom
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69d5bbbd5c8921bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 958 B
423 B 250ms
249ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: tags%2F47
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 2
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: tags%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69d5bbbd5c9121bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 67 KB
16 KB 254ms
253ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51fd273ed4539f69a3e685db6254c4e77983d40fe6627b9a72b37370b8830d1f

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: mostpop%2F47
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 11
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: mostpop%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69d5bbbd6c9b21bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 247 KB
55 KB 290ms
289ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a688611ed55222a0349ff8bae8a7795dafb54f638b026cd835d3d38e5d36adf6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: nonheadline%2F47
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=617949c80fedbde2:T=1634098385:S=ALNI_MY6_f4V3Bq9y1zkzBbs0lAs_NQv4g
content-length: 21
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: nonheadline%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69d5bbbd7ca521bd-DUS
x-xss-protection: '1;mode=block'

GET
H2 200 right-arrow.png
cdn.haibunda.com/images/ 504 B
830 B 196ms
196ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: W/"5db2a88f-1f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncjs.php Show response
newrevive.detik.com/delivery/ 29 KB
7 KB 607ms
211ms Script
text/javascript 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncjs.php

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive10
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1;mode=block
expire: Wed, 13 Oct 2021 05:13:06 GMT
x-cached: MISS

GET
H2 200 detikconnect_auto_login.js Show response
cdn.detik.net.id/libs/dc/v1/ 953 B
790 B 181ms
180ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/connectdetik?fn=onLoginClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

f2e7ba7a712928ec228f4cd3d4e6b9b5f131440fa5e97c893ba77e71c2d1f402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 08:08:08 GMT
server: static7
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
barrier_3: HIT
etag: W/"5f057ee8-3b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thetracker-haibunda-v3.min.js Show response
cdn.detik.net.id/loganalysistracker/ 6 KB
3 KB 185ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static7 /

Resource Hash

6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 02:34:34 GMT
server: static7
cache-status: HIT
etag: W/"6018ba3a-185f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 container.html Show response
6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C5BE 6 KB
3 KB 24ms
23ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 04:13:05 GMT
expires: Thu, 13 Oct 2022 04:13:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1967 624 B
754 B 87ms
34ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm1DAt9oY7tRrEkN41nsiRl0rLRzJVqo88JO7avofmynRhV6N_01O1nipg27oM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 13 Oct 2021 04:13:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2AB6 12 KB
9 KB 110ms
58ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAcaj5pPDY1k1E7N6UqBqn5DafsgVL4eNQbmC-ArhCO3SZK7kwwLgDt6A6QnGTAKOofO3IFFqOUAftA2i7elzD9leFQSiW6yNAY0gnZioVVeId50TLeDOKhYWUu4TRxaGViO9rcCMutezwrObT8gZsfOP4cg&dbm_d=AKAmf-C0Eqj5tuJs5KjTiT5_Vls0c0L5XxkU67LlcvgHAOw4cOxPQa2xbK3FfksTe0fo7YbnvdhBBMtfYpthZa9h-xSK_I4T1bkjWtA0w_11RQL0NTyYpVRsXcghmcel1jhyz3lP51n5uvhZIxtl8W1tHrYZjhPcbKWjtKJfN4IkLJb5P6_2iQKX8ehBwzFTv6UcgN8uolzo3r38HmRM3Fpv1Sunwuo9p_pr8Zab263fKgtMKDa796S_RDA7KGUuocc5wRzW0Dqi4PhyZH8i3kq5IRkV13-HLYGPABTUlUbBDt1Q-7eL0lWeBQc2vkqZ1POB61qcTQFMBRcGbW1AsnxdbuBaNwHgmKg1XSYB7lo_lERTquodDlu0LzVvmJ7Qrvnl3AuBw4mU5rQbKk6gAr3n8x64MfC1CiC-qT_lT7_133v0QXTSdJkxVUYWrK__PhsOptmbxrW0rhesqojwmeer6VWCNKXjxx2ufaORAs803Sc5BZcvsJ9GwZocwOpyTlHvZRe0WBEoXrWI6JTpHwosu3G0OKfXBCxOTTsW90vVdf9zXEgKq5iPSouoRSx68kfJnDH4sKC48lArAXooXVlmWUr6qXggtHd8DTRDkw8W0mnx7Jx_1GM1o_PVq-XE0NnGLVPTkc-h9A-ug_ilfnpURdIMhAS9MX4t2R_guAvOejsD_TQ4CIKY00OIEXxV56eBqQo9Q6fwO0UXiM9RI2PSJCeMmVqWPVOi_y439ur0btBtEkmGexD8yyMo13B-yfDn6qkBE-4znKYBXovGA0fO0nNjkp2fgpRHP8287EE9mzrX5LpOcBJqzC3q_ZtUvrTUYu13FceTThlmOfF-w8tpycTbkgwXCW4ET2Kama0bwDTsRkChAELYKVrVkPMKBPRANweM41Bh9prOwfQZLCJk_p8pshqy-Ypl5y-RfufVm3amDtnIeWM9RUuMzSyTg0BKRUeMRtGp0fJepuv2abfiXbxFdrZsmPtjRuwXYkrZoSQou7JpImZLHOSkOT0OQhGrrIv_D71tTzxmg-C8Aq7HtMmE45cguLf0q4NcnSPTM0aSG5ok3eo_kZvRLC_r1kyWmZv0Xz2hLWeIniDG7x_EKZgBGYVrHTLIXzMhsXNcMI1_b_Rl6xYltgUiLNjYRE9UlIN16zoSDv9yrABAjrOKs4Jikd_62quKvVD73VQcAkCBY0Un-O9CvCABSzW-qxtSNUe8h67tl_ibNohoGLU1v3Nrb7Q46SnDeac--50EiMqYFJhrmF2vNX3M_pCgvu3qlosjMhQ_euNAlAtk54U69vL8tgNZ1Pr7uJfWS1KVP_jZxVAzhBIoQ2kvCODypJrmpxjWL6zpifZNAOKwElAYRusB2AUQUpL73Qk9O9G6PiH6MzL2FneNfHEjPGpZUwM7shKwqMcGeLpXxsnB0uRp4ud0GcbKekpWldz8YxzN8-7_BKFQqlmf02yEo_ZeeRSlkMzBwNb2WbeDE-Kgbb63mxY50MrX3EFBOKdn-7GauO1gFuoCBdZ6gWWn8J3nKiGV0TtA3WFzbhDeynOvA_acfoAA2lObTBPRzeXlIQVLa5xRaGGMYXPYUZB-fXvjTeC46coVBdvV4exGxLfeM8sKZdZk3XZKhPM4eXiTvuRTIaVw2M8Bbs7EKV9oPfYVh_Z_tcJUgjLFBC0M7Qd7ws5oK8W1B9OOB4Q2eUTFag3U3-5673jC_9ZanZWqtdSaUWNfzBwWBSPfmblj0xWDzKtz-cR0_YvWx4SKPticX2AG7QArLby0td_LtB2S-91U0pPVdvCF4eivJg7LuvJ_9cDUmudVFqrLrYY8xZr8ECGlz6IZv_NaV_CJ4sZTG7qv2SIPpPWoQW1tw9j8HgBqwTunibhASLdoojiJF9O3pmynKRCofE0J_K3UlAtdKCqWYm8Opio96mVqaBOit8n8LbALHy2RFH5wbkf6EU3EM8UjANnKqO_jm6m0HvrAdftp8gSUv05y02xn28bmkymYGuYiD16sCP_dvZn1KbLhKHdf26jk4GYQcGcLywhcIUmfCFFo711bbXDbyZDpXM0xBV0vVBsUbMT07a-7Jaln1VdpOkqNSjilyXd8sA0MCpZ3aaVb6DadQPSDGB0eYSAFkP3NXU1-iuLq-fh9h5FPThbdm9utfr8YHOS3nXe1xQqi75Rj4GFI_3IPRM6Fjh9Ic6n6XjCMbYCuj6Q7_hdbwxN7p9JyzJABHXWG13ftBMpQla2N6avpaFeH5aXERZ-OpPXSeqZKgT5BNaIo0vtcNp3MhFKIgOpcFKXosMWJVqkMrZ8VMVucSCu6zTZGTRe2m6G-sqYL8svQikac_6t-yyPk0u07JMepRQi0jQLnBbqm9xpBqou4-lu3RQ-kGX6_OnZ_L9cWWua8Q9gQ_qZV4tA1fAiCJXjgppfYXFhYVutaakqTvKqwtuZyH34i9ClCscP9kDqeHAv547xPbsJ1AnPqab2CuiKW53xSYlhmFPNEkk0s1_xe9JaaHsxD4CbN2ru9AotbXQKTadkFdgbIbtcsOsqCjOE2i3ucAqU6MoxzsuDuUvvBjBsh0h_oPbDmnfKIktNuc9F0ofupAMBCXhdG379ojn8ofQUIhvHMewGkbdtehWzgED0hbyn8MH8UIao7O7jACLiXXg&cid=CAASEuRo_C9Zjpnc5ZXJ9-GQCPzqRQ&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5c5512b016d834f10bac1a95026c6957f025c878c633f82e46962683acbc8874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8993
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AB6 42 B
63 B 75ms
44ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bn5rsUdri_okfZiFi8GLLE24e4MVbgFv85VdiRgHPGQ-H53Rw_AqoCWco6d5xcPdCQ5ihyXNCqae7VXSX0-p0aKyNYqtO_zUtf6H8_7q91l8tRxmA

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 2AB6 56 KB
19 KB 52ms
51ms Script
text/javascript 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXrOxEziExrNHLTYOmcw_SSn6Q-aFvT-hTnqBMFlQsumNbbWXk&d=CnkAoCZ_4HFWlxtXx0yaBntziDBDBIBVruOSES52gIrhK30rdMVL3_Lanns6NpPBxUtYKNY3dRiZK1EeMoKCSPp5WcrvMOfcRWU7AubKEoflsgdZr6hkVtdaRUrnjA4JYi084yb2OemdYUIngkYQJZfpviSNj2A9cqroEtkRAKAmf-Bx1NrYx7gb2M7xBlMyjEdDMI2usYdpWr9lxoDBj-l2eIUuIUk1JqatF3NYHJwR5XMhPm-jDI5vvsW2_Dl7PqwFKXE6U1HFV_KTiWanJsnc1jWUnI8ixFgXnlm3tvoO2RwxjzG5EGIEJCCHAmoyy39odo9wp37oTgGeD_z4R-7TOZrarvqM0qw4NwM7WRcaYl5CJPGuFnGdZXatvHKxTNQshloEdwEu9D1kKSqer6tW761MGA_ISp9qWVQzjtx1FUMZSZEWuerfrPYuaoMqjFMwDlwev3qsJk3GX27O14TVTU7JlUQcKSL5-8sIUUS0X4kT5Tv3Kdi44QXEst1j628sKiAy0CQ0BtYmVMExZwXI8A5nXatjjBJY88Q9csu1WDRkAaQKef8zrY2yjaK1turlA1w-64t6DXgJWiXcW1rQ_Gc5x2RJRPKtSYjAHmQTSrSEsddzxP48DNc4CZ55u6oWu5n7xQ1hUhoTsOvdFnBDU-XoxAzFWH3aWlWs4hoxc0YC0oyukyUEc3df2wRYtPglMWlno2FKZzvQEjEOw5iO6BPfB8G4ehOu4NaJcpHlv91B0t9UXQ6nlpfwdDQ19Gh7GEXAQMMI4jAhu1Ye-kZ_eKOhwLglLE48GAGGCMWe4HDIptr5F74GJVxTWjcbcDKVsmlbRK4fH-MwStGPTo27QOQdIty8nIMmDAmSDNWrrL6gZc6M_l8DKg0s6D3xEz_Jpz59U6oK-YhtQ7HS7FMQZmYr660aNvUL4zH0PNH9LgPIHecWnOno6rplobM_glRXVy0IhJ8z1FF4EqbILjzUKiWXdYdSd9ozHsuSOBZzZwxgxaJ1wLk--b8zT0XUxIpWozb_hzV5MCrLzjsIz-AFiDvryq0nWEQRmzbWDiRAfME4iZuA6UwtLnP55doWbU1XCwnNgd7iLvxn91fDv-AnUdyL3vrjpnILDaKum09gFNRztMv8dgTg_obvPeB42YKU_JLci6Q9ICIHaus3lvyJW02kAwBjVcTWPjqcumZXqKtrkFuM0PaGDqtBy6E5lkcEFk8t8LOIH7c8-Tj2Xpv4XGq6DDSDJasD4LfjrateKN-cBRe9S86SKncs9LiM5wyOuxKhWn0TGGNv_3Lhr7SGoDVF7OrQVVnZrRN1bpQE5TFqty-cQlfYyKdbNE-z4l5tOiQPcxae9XG2wOBmsrGQ38UNPVWJSZvr3XrYQ6wapLLDAocUy0Go-gBaf79XzprQgib20Bph8giBaFouy4k0vp825ZeNpy15SjbNzboKI6kVVQLbNiAZ2cJTHs16O8x3QzJXL9UfUyenMlrM2RkHTPjh4wUZ0rcYISTuVN3InQNyRNlWMRGtUlAiwONl_AisSmSajsqu_P5kwfwqWC_0PTbLKUjVsiuWPCwqXI4EZwAYfOjVfvQJul_1_4IOZjv9P8bYlg1XqhvErfMgbPqziqFJawIPVEHG9rxeIWeAR5Sgle_ORY9IsBc3kSUYL8STPtW4m8Q5B6N1vpadAx1CGhYo6K9zQ-0mHz426nZ7KbOoXO0Vv9U5Gepqj513NSx7kgLO_rc9d8fEEoRyiFnqTZPs4BwIrhXirGhH8rH0_P7w2kBBcoczsFMDKkbJn5_6hzbifMBy4ITiWVRIN4xM5TWlNWPI5zSWIlSBy5lUH9zjkc64np9wAenQKhCGhpCsOLBDq1vnbEK8bc1HrHcazxkAHhQuWsqnVqDZ6cg1XV7ITadxXHh1xWqBfGjhZFUvo78BzEEG8baZx3O_NDBySGB91i7ihoPWqmVaKyEdOjdUPQg_GU--1HWnDh9Kpy37ec9u379_qTU1QYemUR3JyfLhEsLC3zhVreGEmqWchgc3XyQKboFbbGDIjLE7-dc22Odxn0dW4FZn5C-pJaroJKjLikb1Hy7E-4f1PaHgHPBpMRUnGpw0RQKGTMCcQ0h0QbrL0jD8UGuRkIxIoY2QlDBhE9cZgTnhnaGUSJRETOb39sv1LNpzQv6zLZ-UeWvoxPTAA80iMuIqm2BWX3hyDFECdUlQrmjn9-iJ-22l0gT5Z45X6zD66YwZSlXZmOQ3uwd8vREbuOSHGM2Yk8n0F7w6P5vKqoGj5Ow5snn2tar2KU65Wmojo0wMWma6Og-YW94cPA2JvWZ-kzXkqSH-vZMvULHEaoGmWxrOqbytWh8Cpw-HSE6PuVTNBPYk2uR005o4IPqswxoGrTiRx7QWvM-rZ19pB1EfDX_126zsk4nwYA0lw-jf0xHnLCjMtqNZzFCwtejbfv020pNh5jWaAveGjy4fbpOK2GBastyAy6bBbFxC4xQzHPNFdjnbOfdw6Y3EIZyrOrWIJ1ggOPrtLbLdQwABAR6x9hp9T5lklfWUZQHUu7gsuYlg6J7I8XBKsr9JdppmQeNaM8yaNudtf-FUVTEtz8BP2zp423CKtzWn3AN4i2gmCr2HYgzKO0eD5aQw3oj491qEQuYfUHoPkLoM5zb3FBHE3caJHCIeCjIL-I5W6naRxGolpa9xXEQckb0HPCk4UKoO8BMQU7Gnzo7SPIc8VjO7DRh8uUnFvfU7slRgnkYKL6BqrHdZgQM58M5a8JiGkEO1JfkTrEF2wdSQxhukLNgOISNcTe1zhopNYA5y1m6Lu8u1kuPqmjPbAwQrFoCTIx54t2otY_-A4IBNoLH20J1SIUiYHWblGVtwDJZVfM2BlQcwvhsIG781r1JSd2DOZqPpPD_c0pb7-nYDdt9lPgoCQB9DDy--UMNA8QC0N9VJYBM57yDt5VZfRGm85PSCqVTkrhEJz5w0QqHutoS7-KFwXxEdaB-smsHSLoktfdb-niPP4ju27OVOsPDG5HRSHK19T-76vR351MsWeYdPgk1NP8FMYVH4rkpv_j6rdwFadpa-SALAPhObezyBLySYiITILwtXuqoLMSSIH9EsA6o4iF1l_XY9UBXx00yhwe43Aa8R-4HbGBlKB5-KKxDAWVHKBLXTL3lgIqmy2wmsgzl3gbZK-Nwd185bGaLOGhYIABIS5Gj8L1mOmdzllcn34ZAI_OpFYAE

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

f844cfe134e708e745147c273bd8033f316f64527a55ecfb7e563c6e1f724777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 2AB6 27 KB
10 KB 37ms
8ms Script
text/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 59d752dfa9d8b9ca85ffd56369e6954faf24194d833585aa53683523a69e534a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 09:03:54 GMT
content-encoding: gzip
server: nginx
age: 68951
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: YeM6NAmsdEvVRw10CoB2yImFk14QeROHB5e8oQm3mKJkjnyog02E4w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2AB6 3 KB
1 KB 86ms
29ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:10:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AB6 123 KB
38 KB 150ms
99ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 04:13:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2AB6 14 KB
7 KB 81ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:19:26 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 832A 624 B
340 B 55ms
35ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm1DAt9oY7tRrEkN41nsiRl0rLRzJVqo88JO7avofmynRhV6N_01O1nipg27oM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 13 Oct 2021 04:13:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C5BE 54 KB
25 KB 82ms
62ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUYnVQ6yjlaBoivD3Er-_RDvA-L3cucg0Y6GdZu6W-e5IOkXnLmd5xlld6tOlRvO9CcMF5NZq7uHPejdToeK9f5S7l09QLYCftDAi_9a-W0ze0_MZ77x_8cnodTwHhO9qcWJuFO41LmY7t0XH53YV7-2HQhw&dbm_d=AKAmf-AqNowlRQ_Ii6ODeBb0bteIpHvCR7GMa0eezCmmiynyFstDaL6CVEoouxvcObsazQPQaLmD55V2nB5SSSz9WdbyNFRAk7HmP2ZGqeDvid3v-3Mp7PgkbK4AADW_-mSFQXFZ-AhBGwrmA1d1jyOtqpyan6nQF-UvAPK6CaR7VNKhwO8QEIfy7jnPDx68GrnnwxBf1yz7IlwiWWgPSqsEeg4r_cL5Pokl6-0SXRNDL9Nb_FBKGkNsX2UeIOp27AuDixVJI89zWzJdxBnlD7SyAwcZR-gyls4xcbI8K_oH6eiesl2efLfsiPR6yADQoBuVu1ME1KD-hFCO_yIKo1PwxnmzzWEn1GcN6Img_6ecVnfNeVHm0KOnPF89pqlwTcyQ5sAT17Xx_XooYPfZWOXwplfYCGAT_wG0Yxyyz9d6om8EA1tpq3IzdFhjuxdOw6ck7Zvl8u_qeX3zhaxRKHhBmeqmBtiaN-m9xHAyprLEPyLIccC7kX4X8Cbh_k8fdLEvUNaBTOO9DT8OZ2k8yn8OFGP_gvLMYWIBq1DXdvKcmAvLieSnbDvfLHhFhQ2FGrl-K81VxwvonmyyAh1C0JvLgfFqf5Oido8vaYwWQS4bEkIXH103W55Ah4IQ9fsy3MzbWwl_HvD6_k16Dw5tYNlXcJR-JKAalIwP8RHBc90sBPuYj5C5OW9_g8Rw9j5UUNId4o4rg5cM-QYaPrqtwhri447yBphoX8uGrSKP1-Wl4gcr-hQ5YWX2d-3VrkqTKX5M1ZYVDksnucn6tnf3uXTTEY6j0bHLoyn4LghSCojdScTUiOSHT8G5hTcFXFRTujG_zvhlw697LmQZqbJVGXxHIo0X_j6FCLe8MQ92ur-o6lZ6dTnD5LXu9Iud0zNv94SLc66-bVzCSP1JQeRrCOTneK9Qm21UPPRMNuJxE1pgQnOFBtXINlxjkrpT2Ta9BJIqlRsYKABK1yPBvIPgBjBcHCzXYQMEoIHM2HgYJk4c9s04XkLhlKxGQxG2VMY6A1l12LiFxZpi3lQT_o9kjxkbUZL3yinyljjA30xZCr_Cma34u5f2sAKx3GhAsruWHoG6ku5gV1sloC04ZHx2yb-q-U2ANyKtWSXGFN3wd0jrMuZ0YHqK610KtpcvPC36fvkpcT2s8CAQLW8z7XYq6SKJSJyDOwCyPNqeH0DILIb1vJpQDthpLF1jRyAEGYb0o0VBsJTNhLxmE8A4javLh05-U16qqCtfuc-3NWvm4Re_iyVd8DGbJqrnTUCKbCq0-7LeE79PxKmXyfQ2R5dVe1nwHvUADLC-D6NO-hECJ9I0mzOT4iMhl7-LyqaAiBOkWLTeiiyJMX5y-Xc_qM83x7aIj_WiEKFms-dDgNEouPyA_7PGyGPsFfEtdkZO07Nx5X8X_1PNxBB16hZsJNGgF4ENX73T65dUQxBAUChmQ_eJi1VHOvucboANCPAe3DXsAoRcVazlZIoxAJL54Wqui8Vq9Dr9ZnrdvVSc9cDS10VnMAepqJxf8AjCAfMG7YHAv5o9Tzr3QlNCIteYPuKTM9B1VsLqzYrNuxLYFzg1HJuLhmY5EPkk3iy9PufM9-f4Ttx_Ox52N39_OaYWLqC78lb4gtM-yg-mq0vbf5n19h8ty6n_SDHUfoDqJ0a509gODmh6Mzd8tIiUwrK6Km_pkonrv0DaVplo_cRTOBo4EYohReCjb4oBklvx6HajlCP2IauicDG-a5vtfUzopi5d76YlAuIBOdOltJzWA_TIbBwbl5kXBYJFg7mkYlsX0NRtyznXi6EZDFYy53gTBYLZmU8Lv8_DcpXfEHLtoFHGI13JtB6myRb4Pbj_GQROgW9ydZ7fqRfhvctRGLuB_gK7BExd4efUlOz1Y8AJWecQIcxBYePqfjU7XplYWN7K4j8jsRddBjzfnD3dhO3tLHkNrVyHCgO5H8tozej1ajgnsfEp9NiKZOKquX434KQDamWgOSAw7diEv3OLWPHjWmdQZNPKRHlLoxyx_0lBfZ2htORbBq3bosy1D8_vwDlMe-GvqMNLDNSnBzerJ7sQF5F0P4L_MZ6lvVTliZXhqXEd_XXUBweymZniNQsJ65_pI-xSr9omIfZVUqeZ_XOYTWAkWwBI6tl4qtRcY2PLL5VN7nmeGf0KLYNoJ6jA8ebcSLM8sAPToods2cPz1iJ0VJooKdTSjdPxv3h5d6CQ2k1VYxcLs2OEu8NP-vel0HlHi-WltZbNtIIKdOmGw4igbNqyiO3c8a1-69mckxGe3z8HsFBttVjYGFAgVGIBDSpbWOiv17KHoYqD80ITy6lgHZgAu8IvCd1i350_9U1zrBKIjM2_JmBelLrd2yOMc_STnsBtRyQMHiDwgtizd3cpAdSznhnSHd6_c2Vv2pYa1XhdP-W8POyQjz1phfILzpPpnXr8ShVdTGgHBlsaGHy6kI6y-O2fkL8jStFvF8n0VwvrDzBucED13uT3s9TOoXC_EN2F118vb7u3YVteI8m-dnn7TSlVshei-A7LKzeZLb9BqX_QfHBXtN5OHjZ4NDEHxTTi5MxDa-Ly_kTlUxiVW0YTdYXmGJZPwche6HnXY4dD8e9P-xeD5ZuKn9g2nejcplZGL6PQ1rA1o4glZcYQSwFP0yVZzBmQG3BLN2qiP3Ow8bxfpQkgwxNMLOs_pd7r02xYxkUCKFTK57hVhTjMwihNefCBP6aCvDrc8a_K3qCyeisZYWYTvkfcxV_WFy7zRQYG93guDoLN1tibz6sNfOT2mNrntyKa8UeYR0lwYpjYr2DbTw0mHNpzWnNe4ovyBwWM-NMi-uBAU9mMAsIQWrfLvVdAuArq_izZaq_KnGpBzlwrwlzpk4942DC-9rB4b_6lxkhZyJm14chPS2shsqP3t_nZXyWTG7-0UOzFUSDCVFG_fKAw6HZUkf94OM7euRCw3Qiz3EggWFgs35JyOYLrkToo6xmvBAUie6ZjlgPzhK5nYM4-QAPG-G4rCJHyEx5gvF7KsiOUVvP0zUbOui3WYKk7doZncl2D8JJcmZHVK22DSh4Jfay53E3VFyLGLbH2Z3fvtW09h87AJRwcBR2KEupZ73JXq_c6s2GAfZs-MG3n2tQRMHwu5mTmFlxlkfdlpaAGd9gqGasyKrcKGtdec_kxG7lzg60CGxmZqtvKoZIfUH-Giflas0bLasBAroRHMeSLjtf6sm7D&cid=CAASEuRoeezHmrYuOyG-qyZ7BI321w&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b4dceb5f8276f9d8fc656f3828b2070ce06692584cf1b451ac8dccc479e88ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5BE 42 B
63 B 44ms
43ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0ayYKEo_p9dv2L_8yGFM4OsMXTVqlUrCEVyiVGre7Lt6dhoF2hPkhqt5ju_0N6sON599l3IDZRA2Z3Q59yb87IzBZ2toCl4WvNcDMENwJLatQ_Zw

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame C5BE 3 KB
1 KB 76ms
50ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:10:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5BE 123 KB
37 KB 154ms
134ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 04:13:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame C5BE 14 KB
6 KB 51ms
25ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:19:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5BE 0
0 80ms
29ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSB3Vb9TkLWb_HHfC1LGbWb0YolGjTlabUdLrsEeYuZWotIF3S2VcL5R_CWF4ZRmeeCyfLW0ww5MEFVhuvroFVyBcNadA
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1967
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1

43 B
1014 B

18ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Oct 2021 04:13:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1967
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWZc0YWH8DJ.LJEzcaHH3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2

43 B
1014 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Oct 2021 04:13:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1967
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

0
578 B

25ms
13ms

Image
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiA1ZG1ATAB&v=APEucNU4R3GFDSJ1z_iaWAyowHooj7zDULzoMp5XwzhJPp6ebkYJ_SOGL30hAaPtG87bbPjLCu_wqDUAqzzypAFABYrxMaLcDgGLGsBlJWQpik7OTZo1cUDrhLoSsvSfpl4f-hllZpuBiU8im57Or20Kg9w7yreTm6_Sh4JQ5zj_lt77mKXHNUc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
X-Proxy-Origin: 216.131.111.33; 216.131.111.33; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 94e7a147-8e22-45c9-941a-c4e0dfeb2e03
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
X-Proxy-Origin: 216.131.111.33; 216.131.111.33; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 842dc157-7d50-42b8-8057-1272eacd3f84
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1BA 6 KB
3 KB 28ms
27ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 04:13:05 GMT
expires: Thu, 13 Oct 2022 04:13:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.js Show response
static.vidy.com/0.38.5/ 767 KB
246 KB 51ms
21ms Script
application/javascript 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/index.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151626
age: 1928431
x-guploader-uploadid: ADPycdudrbLalRfpktf0avHg99gbjC-Zvg4GfuY7C6WRWkcF6Bl_jA2LRWjf-5fmoiZKoD117_FcXgs6tKnVkdDenG4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"adb6bb0bddb9236e076354be09c1d8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=vk2y4g==, md5=rba7C925I24HY1S+CcHY3w==
x-goog-generation: 1632151645319398
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 785503
cf-ray: 69d5bbbf5aeb2181-DUS
expires: Tue, 20 Sep 2022 15:29:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 832A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1

43 B
894 B

16ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Oct 2021 04:13:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 832A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWZc0YWH8DJ.LJEzcaHH3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2

43 B
1014 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Oct 2021 04:13:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8b1M25DUGEcNGuv2Hg8qY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 832A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

0
578 B

18ms
13ms

Image
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNVXw06TnGn_B33AWu7SaIxKO1Fac81Ux1NftUKUiEuawkYTArs8tIxlNHqPpetLEwesfjHs47SFjXHslZO1vnWUJ9_23DVV2NRVkl6uw2gQMNk_yDwvilhGruzUGw6AdW52SHiVokGlxLhS6KGWu_Ftadu7JqAsR0j8ABYb4BFxmLFV_OI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
X-Proxy-Origin: 216.131.111.33; 216.131.111.33; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 05995336-57b1-4998-bfff-df3b37be7f8f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI8SSW2senZF-jiIWA6mcKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 832A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:05 GMT
X-Proxy-Origin: 216.131.111.33; 216.131.111.33; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 05a3be66-010d-4206-8871-075d5ee0b929
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE3Nzg2Mjk1MDQzMTM2NjgwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2AB6 41 KB
15 KB 64ms
28ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAcaj5pPDY1k1E7N6UqBqn5DafsgVL4eNQbmC-ArhCO3SZK7kwwLgDt6A6QnGTAKOofO3IFFqOUAftA2i7elzD9leFQSiW6yNAY0gnZioVVeId50TLeDOKhYWUu4TRxaGViO9rcCMutezwrObT8gZsfOP4cg&dbm_d=AKAmf-C0Eqj5tuJs5KjTiT5_Vls0c0L5XxkU67LlcvgHAOw4cOxPQa2xbK3FfksTe0fo7YbnvdhBBMtfYpthZa9h-xSK_I4T1bkjWtA0w_11RQL0NTyYpVRsXcghmcel1jhyz3lP51n5uvhZIxtl8W1tHrYZjhPcbKWjtKJfN4IkLJb5P6_2iQKX8ehBwzFTv6UcgN8uolzo3r38HmRM3Fpv1Sunwuo9p_pr8Zab263fKgtMKDa796S_RDA7KGUuocc5wRzW0Dqi4PhyZH8i3kq5IRkV13-HLYGPABTUlUbBDt1Q-7eL0lWeBQc2vkqZ1POB61qcTQFMBRcGbW1AsnxdbuBaNwHgmKg1XSYB7lo_lERTquodDlu0LzVvmJ7Qrvnl3AuBw4mU5rQbKk6gAr3n8x64MfC1CiC-qT_lT7_133v0QXTSdJkxVUYWrK__PhsOptmbxrW0rhesqojwmeer6VWCNKXjxx2ufaORAs803Sc5BZcvsJ9GwZocwOpyTlHvZRe0WBEoXrWI6JTpHwosu3G0OKfXBCxOTTsW90vVdf9zXEgKq5iPSouoRSx68kfJnDH4sKC48lArAXooXVlmWUr6qXggtHd8DTRDkw8W0mnx7Jx_1GM1o_PVq-XE0NnGLVPTkc-h9A-ug_ilfnpURdIMhAS9MX4t2R_guAvOejsD_TQ4CIKY00OIEXxV56eBqQo9Q6fwO0UXiM9RI2PSJCeMmVqWPVOi_y439ur0btBtEkmGexD8yyMo13B-yfDn6qkBE-4znKYBXovGA0fO0nNjkp2fgpRHP8287EE9mzrX5LpOcBJqzC3q_ZtUvrTUYu13FceTThlmOfF-w8tpycTbkgwXCW4ET2Kama0bwDTsRkChAELYKVrVkPMKBPRANweM41Bh9prOwfQZLCJk_p8pshqy-Ypl5y-RfufVm3amDtnIeWM9RUuMzSyTg0BKRUeMRtGp0fJepuv2abfiXbxFdrZsmPtjRuwXYkrZoSQou7JpImZLHOSkOT0OQhGrrIv_D71tTzxmg-C8Aq7HtMmE45cguLf0q4NcnSPTM0aSG5ok3eo_kZvRLC_r1kyWmZv0Xz2hLWeIniDG7x_EKZgBGYVrHTLIXzMhsXNcMI1_b_Rl6xYltgUiLNjYRE9UlIN16zoSDv9yrABAjrOKs4Jikd_62quKvVD73VQcAkCBY0Un-O9CvCABSzW-qxtSNUe8h67tl_ibNohoGLU1v3Nrb7Q46SnDeac--50EiMqYFJhrmF2vNX3M_pCgvu3qlosjMhQ_euNAlAtk54U69vL8tgNZ1Pr7uJfWS1KVP_jZxVAzhBIoQ2kvCODypJrmpxjWL6zpifZNAOKwElAYRusB2AUQUpL73Qk9O9G6PiH6MzL2FneNfHEjPGpZUwM7shKwqMcGeLpXxsnB0uRp4ud0GcbKekpWldz8YxzN8-7_BKFQqlmf02yEo_ZeeRSlkMzBwNb2WbeDE-Kgbb63mxY50MrX3EFBOKdn-7GauO1gFuoCBdZ6gWWn8J3nKiGV0TtA3WFzbhDeynOvA_acfoAA2lObTBPRzeXlIQVLa5xRaGGMYXPYUZB-fXvjTeC46coVBdvV4exGxLfeM8sKZdZk3XZKhPM4eXiTvuRTIaVw2M8Bbs7EKV9oPfYVh_Z_tcJUgjLFBC0M7Qd7ws5oK8W1B9OOB4Q2eUTFag3U3-5673jC_9ZanZWqtdSaUWNfzBwWBSPfmblj0xWDzKtz-cR0_YvWx4SKPticX2AG7QArLby0td_LtB2S-91U0pPVdvCF4eivJg7LuvJ_9cDUmudVFqrLrYY8xZr8ECGlz6IZv_NaV_CJ4sZTG7qv2SIPpPWoQW1tw9j8HgBqwTunibhASLdoojiJF9O3pmynKRCofE0J_K3UlAtdKCqWYm8Opio96mVqaBOit8n8LbALHy2RFH5wbkf6EU3EM8UjANnKqO_jm6m0HvrAdftp8gSUv05y02xn28bmkymYGuYiD16sCP_dvZn1KbLhKHdf26jk4GYQcGcLywhcIUmfCFFo711bbXDbyZDpXM0xBV0vVBsUbMT07a-7Jaln1VdpOkqNSjilyXd8sA0MCpZ3aaVb6DadQPSDGB0eYSAFkP3NXU1-iuLq-fh9h5FPThbdm9utfr8YHOS3nXe1xQqi75Rj4GFI_3IPRM6Fjh9Ic6n6XjCMbYCuj6Q7_hdbwxN7p9JyzJABHXWG13ftBMpQla2N6avpaFeH5aXERZ-OpPXSeqZKgT5BNaIo0vtcNp3MhFKIgOpcFKXosMWJVqkMrZ8VMVucSCu6zTZGTRe2m6G-sqYL8svQikac_6t-yyPk0u07JMepRQi0jQLnBbqm9xpBqou4-lu3RQ-kGX6_OnZ_L9cWWua8Q9gQ_qZV4tA1fAiCJXjgppfYXFhYVutaakqTvKqwtuZyH34i9ClCscP9kDqeHAv547xPbsJ1AnPqab2CuiKW53xSYlhmFPNEkk0s1_xe9JaaHsxD4CbN2ru9AotbXQKTadkFdgbIbtcsOsqCjOE2i3ucAqU6MoxzsuDuUvvBjBsh0h_oPbDmnfKIktNuc9F0ofupAMBCXhdG379ojn8ofQUIhvHMewGkbdtehWzgED0hbyn8MH8UIao7O7jACLiXXg&cid=CAASEuRo_C9Zjpnc5ZXJ9-GQCPzqRQ&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 11 Oct 2022 10:04:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame C5BE 23 KB
9 KB 24ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUYnVQ6yjlaBoivD3Er-_RDvA-L3cucg0Y6GdZu6W-e5IOkXnLmd5xlld6tOlRvO9CcMF5NZq7uHPejdToeK9f5S7l09QLYCftDAi_9a-W0ze0_MZ77x_8cnodTwHhO9qcWJuFO41LmY7t0XH53YV7-2HQhw&dbm_d=AKAmf-AqNowlRQ_Ii6ODeBb0bteIpHvCR7GMa0eezCmmiynyFstDaL6CVEoouxvcObsazQPQaLmD55V2nB5SSSz9WdbyNFRAk7HmP2ZGqeDvid3v-3Mp7PgkbK4AADW_-mSFQXFZ-AhBGwrmA1d1jyOtqpyan6nQF-UvAPK6CaR7VNKhwO8QEIfy7jnPDx68GrnnwxBf1yz7IlwiWWgPSqsEeg4r_cL5Pokl6-0SXRNDL9Nb_FBKGkNsX2UeIOp27AuDixVJI89zWzJdxBnlD7SyAwcZR-gyls4xcbI8K_oH6eiesl2efLfsiPR6yADQoBuVu1ME1KD-hFCO_yIKo1PwxnmzzWEn1GcN6Img_6ecVnfNeVHm0KOnPF89pqlwTcyQ5sAT17Xx_XooYPfZWOXwplfYCGAT_wG0Yxyyz9d6om8EA1tpq3IzdFhjuxdOw6ck7Zvl8u_qeX3zhaxRKHhBmeqmBtiaN-m9xHAyprLEPyLIccC7kX4X8Cbh_k8fdLEvUNaBTOO9DT8OZ2k8yn8OFGP_gvLMYWIBq1DXdvKcmAvLieSnbDvfLHhFhQ2FGrl-K81VxwvonmyyAh1C0JvLgfFqf5Oido8vaYwWQS4bEkIXH103W55Ah4IQ9fsy3MzbWwl_HvD6_k16Dw5tYNlXcJR-JKAalIwP8RHBc90sBPuYj5C5OW9_g8Rw9j5UUNId4o4rg5cM-QYaPrqtwhri447yBphoX8uGrSKP1-Wl4gcr-hQ5YWX2d-3VrkqTKX5M1ZYVDksnucn6tnf3uXTTEY6j0bHLoyn4LghSCojdScTUiOSHT8G5hTcFXFRTujG_zvhlw697LmQZqbJVGXxHIo0X_j6FCLe8MQ92ur-o6lZ6dTnD5LXu9Iud0zNv94SLc66-bVzCSP1JQeRrCOTneK9Qm21UPPRMNuJxE1pgQnOFBtXINlxjkrpT2Ta9BJIqlRsYKABK1yPBvIPgBjBcHCzXYQMEoIHM2HgYJk4c9s04XkLhlKxGQxG2VMY6A1l12LiFxZpi3lQT_o9kjxkbUZL3yinyljjA30xZCr_Cma34u5f2sAKx3GhAsruWHoG6ku5gV1sloC04ZHx2yb-q-U2ANyKtWSXGFN3wd0jrMuZ0YHqK610KtpcvPC36fvkpcT2s8CAQLW8z7XYq6SKJSJyDOwCyPNqeH0DILIb1vJpQDthpLF1jRyAEGYb0o0VBsJTNhLxmE8A4javLh05-U16qqCtfuc-3NWvm4Re_iyVd8DGbJqrnTUCKbCq0-7LeE79PxKmXyfQ2R5dVe1nwHvUADLC-D6NO-hECJ9I0mzOT4iMhl7-LyqaAiBOkWLTeiiyJMX5y-Xc_qM83x7aIj_WiEKFms-dDgNEouPyA_7PGyGPsFfEtdkZO07Nx5X8X_1PNxBB16hZsJNGgF4ENX73T65dUQxBAUChmQ_eJi1VHOvucboANCPAe3DXsAoRcVazlZIoxAJL54Wqui8Vq9Dr9ZnrdvVSc9cDS10VnMAepqJxf8AjCAfMG7YHAv5o9Tzr3QlNCIteYPuKTM9B1VsLqzYrNuxLYFzg1HJuLhmY5EPkk3iy9PufM9-f4Ttx_Ox52N39_OaYWLqC78lb4gtM-yg-mq0vbf5n19h8ty6n_SDHUfoDqJ0a509gODmh6Mzd8tIiUwrK6Km_pkonrv0DaVplo_cRTOBo4EYohReCjb4oBklvx6HajlCP2IauicDG-a5vtfUzopi5d76YlAuIBOdOltJzWA_TIbBwbl5kXBYJFg7mkYlsX0NRtyznXi6EZDFYy53gTBYLZmU8Lv8_DcpXfEHLtoFHGI13JtB6myRb4Pbj_GQROgW9ydZ7fqRfhvctRGLuB_gK7BExd4efUlOz1Y8AJWecQIcxBYePqfjU7XplYWN7K4j8jsRddBjzfnD3dhO3tLHkNrVyHCgO5H8tozej1ajgnsfEp9NiKZOKquX434KQDamWgOSAw7diEv3OLWPHjWmdQZNPKRHlLoxyx_0lBfZ2htORbBq3bosy1D8_vwDlMe-GvqMNLDNSnBzerJ7sQF5F0P4L_MZ6lvVTliZXhqXEd_XXUBweymZniNQsJ65_pI-xSr9omIfZVUqeZ_XOYTWAkWwBI6tl4qtRcY2PLL5VN7nmeGf0KLYNoJ6jA8ebcSLM8sAPToods2cPz1iJ0VJooKdTSjdPxv3h5d6CQ2k1VYxcLs2OEu8NP-vel0HlHi-WltZbNtIIKdOmGw4igbNqyiO3c8a1-69mckxGe3z8HsFBttVjYGFAgVGIBDSpbWOiv17KHoYqD80ITy6lgHZgAu8IvCd1i350_9U1zrBKIjM2_JmBelLrd2yOMc_STnsBtRyQMHiDwgtizd3cpAdSznhnSHd6_c2Vv2pYa1XhdP-W8POyQjz1phfILzpPpnXr8ShVdTGgHBlsaGHy6kI6y-O2fkL8jStFvF8n0VwvrDzBucED13uT3s9TOoXC_EN2F118vb7u3YVteI8m-dnn7TSlVshei-A7LKzeZLb9BqX_QfHBXtN5OHjZ4NDEHxTTi5MxDa-Ly_kTlUxiVW0YTdYXmGJZPwche6HnXY4dD8e9P-xeD5ZuKn9g2nejcplZGL6PQ1rA1o4glZcYQSwFP0yVZzBmQG3BLN2qiP3Ow8bxfpQkgwxNMLOs_pd7r02xYxkUCKFTK57hVhTjMwihNefCBP6aCvDrc8a_K3qCyeisZYWYTvkfcxV_WFy7zRQYG93guDoLN1tibz6sNfOT2mNrntyKa8UeYR0lwYpjYr2DbTw0mHNpzWnNe4ovyBwWM-NMi-uBAU9mMAsIQWrfLvVdAuArq_izZaq_KnGpBzlwrwlzpk4942DC-9rB4b_6lxkhZyJm14chPS2shsqP3t_nZXyWTG7-0UOzFUSDCVFG_fKAw6HZUkf94OM7euRCw3Qiz3EggWFgs35JyOYLrkToo6xmvBAUie6ZjlgPzhK5nYM4-QAPG-G4rCJHyEx5gvF7KsiOUVvP0zUbOui3WYKk7doZncl2D8JJcmZHVK22DSh4Jfay53E3VFyLGLbH2Z3fvtW09h87AJRwcBR2KEupZ73JXq_c6s2GAfZs-MG3n2tQRMHwu5mTmFlxlkfdlpaAGd9gqGasyKrcKGtdec_kxG7lzg60CGxmZqtvKoZIfUH-Giflas0bLasBAroRHMeSLjtf6sm7D&cid=CAASEuRoeezHmrYuOyG-qyZ7BI321w&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:04:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame C5BE 8 KB
3 KB 24ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:05:07 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5BE 0
592 B 133ms
46ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_48OxyJ8blRiS5kIQal0z5mMHKtJUI3bo7sfIf_8kkaibxjyBOYG-FiX0CaN3fpgfazEDSHLfiVRUM-oC8TqQfr7lopggIkWdiFxj7LZ474mNfZAbG3kwYjmwqwmEC7s8qlyD--HK4CCmHIIrFHuTUeH511Yso1vA4PXHMfSoFbgrwVyjSJbN9ecfCeEu93gyK0gyVeCWt47b1fXSVVxOVJDYi5ZdPIwDdK8z_Ievgfd6jIqJOasX171hJ2aFyPdJWswH-kQrXZN-hfbTx5iEowA3aJEY6tPDdjwlF0OpvtDlwW5O3pbOU1fVhYF5Yz6d_7Iv7oOq2pzsRkMICKXKCZX1GIirxfI-iJTc87rPMGK05_hNRPoDBlCKB4SzRBA_cLrznHBEDJeGw5N4fXEkVIKZlqDpMEvsQSczv40qleamUjlloWtopcb9Ub3nqPvfFG3CWeM0d1PltZDG-Uv2suV8YYQZIFmBdd9UFeunmy3GeBZvsgr3lwelDGpiXhmy6i-hzzajJ8mP7Yk0RVCqMnQrmc8XJQX7t067agqeZ4ArBARAutsOYBVRM3vqJZonafPVeHzO_cZPWOaZV00Rt76zmx5fXOtxOn4I4AD7Fq4rxxvG4p1uJWN4jAex4yP1AC16RaOOH6_p-Ge3czFYLpswhOne434Xuq5GSSYvNtvoo0fgnqYuYvuBiDKXhHDKcpux-GStWESsuQc3EziCFTOxEnQSoH1X_i0F9Oe4WeNArU23GmppVm1kofxj2Jp1UgA-3xogH5y7Y97JNfX9DLLIY0DFtWGkEh5zcgWcGJIbIp4P5y8StiR_zVV192UsTNa5988j3o5gAqwGgIRhYkYmeCpe1M40dkpR7Rmn0NwSY7fa15MOdIkBGyVm7gORA0poZIMgtut3UL8Amh6Ntx5dp-qX3QvQOl3sLhKNHoYwVGhE7Om6XyKQ47PZa-NlkuvcF6Yhs2QzvE8DFepk4y_7gFqBreBenW7R4dk4C68YKGb24aMHHeN-iHeCrHPHg9O-Y6RHbmv96jrDSow1GZ51M_cYP0B5rKATPr0O5reDAK6Et5XMa0LU1ujPjkdK7A4oVtHz4uqC-Kd5dGz65YkAUdXqIyZ5_MXHSy2q-QS3RYcIfopQiaIsc4yLmqSGBxhYB89vxKJR3QlMVBsAL704eWjV1emrxiOgfJOfDFvnmiR1N3RAEsBQF9LHBxVrKV_kPh8y4U9FQN_NV0AbCaUD0lkSEFSKlOzE1wZ__OCiBCUf_FpcNYmBs0AE7YN0bNCu3FPk0cPUhI1GlmWMbZ3Hq7MrQymIG5Pa-tT0Q_nkLS0-&sai=AMfl-YQfcodHximVHDo5SuMjT47X6PpwVV_CuFu5l4Nx3Ksa5W6wNg3hWc0wO0fdt2araXgWK2TCR6DNT8GT-qgb8vrhys2wL5oOHXnVgHvnrC-E3vRL9lVeQmpjGeaLFm2YfsuWGIM11NzwGJOuZc_lWeqt5_Kssw&sig=Cg0ArKJSzNfu8_y2bbIDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211011.55954&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 13 Oct 2021 04:13:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C5BE 41 KB
15 KB 34ms
30ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 11 Oct 2022 10:04:52 GMT

GET
H2 200 10112021-024442248-970x250px.png
s0.2mdn.net/10187774/ Frame C5BE 125 KB
126 KB 86ms
27ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10187774/10112021-024442248-970x250px.png

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

f963d7f8b37b4af6198b301528e0afb9f13719f9a18732827ddea23e16799a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:02:25 GMT
x-content-type-options: nosniff
age: 65440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128411
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 09:44:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 10:02:25 GMT

GET
H2 200 me.html Show response
connect.detik.com/token/ Frame A318 288 B
388 B 648ms
215ms Document
text/html 103.49.221.173
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.49.221.173 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-173-221-49-103.detik.com

Software

Tengine /

Resource Hash

4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: connect.detik.com
:scheme: https
:path: /token/me.html?autoLogin=1&clientId=10166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

server: Tengine
date: Wed, 13 Oct 2021 04:13:06 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Cookie
serverloc: dc2
content-encoding: gzip

GET
H3 200 ad_ Show response
fundingchoicesmessages.google.com/f/AGSKWxW-nKnBANecMSJPlgPwRyuBoa0kqlOhdQiRqNIiz9HNVV4zXUeK-EosdOePvgaULsUdN2I8Pq-eZDkzunLaoZg5vgXiR1S6ntnfKyhFQzRkmg34RY9y9pCDppYRYu_x8RJ0o4Nvml57WOOlAJeCI4yEqf93z... 54 B
106 B 44ms
43ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-nKnBANecMSJPlgPwRyuBoa0kqlOhdQiRqNIiz9HNVV4zXUeK-EosdOePvgaULsUdN2I8Pq-eZDkzunLaoZg5vgXiR1S6ntnfKyhFQzRkmg34RY9y9pCDppYRYu_x8RJ0o4Nvml57WOOlAJeCI4yEqf93zP9B20CBMLWpJKmIcK6wFPTZAe-I1dR4kRqimEliKrtsHOfW_4JMiqDr15Ljw2sHjfuoEee2fiJgLjHcwFk=/_/jstextad./KalahariAds./getad./ads-300-.org/ad_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

0fce314cf22a309483ef76aabe3c515e7909b4051b5c6a90cad1ff3b478546cd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-+7Ou7xUH+3xsSUwJkcMXHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+7Ou7xUH+3xsSUwJkcMXHg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-+7Ou7xUH+3xsSUwJkcMXHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+7Ou7xUH+3xsSUwJkcMXHg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 76 KB
28 KB 28ms
28ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a471fc4a4fe0c78c6e8c66be713c066849a5b22bcc801d55d0ec562fd78496b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28336
x-xss-protection: 0
server: cafe
etag: 2614243256925753782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 04:29:56 GMT

POST
H3 204 AGSKWxV8puDnr2AMKMqbOLX8_W-GwyRGN-t0CiAx_tUpIxbO2YzTFBUBy37Zvb5aLcqjKQrfIh6Nk2PKuwfZVqD_u-CrAFujcUhjrQukr-MHAza_FQcKOfqsfCqyNO3odh3omvgamjHccDl7qb4MDxpJvqu-3iuAfqxkDCQD07WAExASxjvGukYyFsezxVZ5 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 39ms
38ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV8puDnr2AMKMqbOLX8_W-GwyRGN-t0CiAx_tUpIxbO2YzTFBUBy37Zvb5aLcqjKQrfIh6Nk2PKuwfZVqD_u-CrAFujcUhjrQukr-MHAza_FQcKOfqsfCqyNO3odh3omvgamjHccDl7qb4MDxpJvqu-3iuAfqxkDCQD07WAExASxjvGukYyFsezxVZ5

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Soo+qCMkvhvPMi+JUgABRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Soo+qCMkvhvPMi+JUgABRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Soo+qCMkvhvPMi+JUgABRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Soo+qCMkvhvPMi+JUgABRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B849 0
18 B 18ms
7ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2415
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.haibunda.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
cookie: fr=0mZNpylk9bipB5669..BhZlzR...1.0.BhZlzR.
Upgrade-Insecure-Requests: 1
Origin: https://www.haibunda.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 13 Oct 2021 04:13:05 GMT

GET
H2 200 montserrat-bold.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 198ms
196ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-bold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-acac"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44204
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 opensans-light.ttf
cdn.haibunda.com/fonts/ 36 KB
37 KB 197ms
196ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-91d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 37336
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 ajax-loader.gif
cdn.haibunda.com/css/ 0
0 193ms
193ms Image
text/html 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.haibunda.com/css/ajax-loader.gif
Requested by: Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-172-221-49-103.detik.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 left-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 192ms
192ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/left-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static7
cache-status: HIT
etag: W/"5f72e311-451"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 right-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 191ms
191ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static7
cache-status: HIT
etag: W/"5f72e311-449"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
88 B 217ms
217ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed1
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=2a14934de58f8c0f:T=1634098385:S=ALNI_MacukvWfQbLBTyFs96XMuaSmcb_mg
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69d5bbc01f5121bd-DUS
x-xss-protection: '1;mode=block'

GET
H3 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 2AB6 114 KB
39 KB 50ms
21ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 11:05:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 2AB6 8 KB
3 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXrOxEziExrNHLTYOmcw_SSn6Q-aFvT-hTnqBMFlQsumNbbWXk&d=CnkAoCZ_4HFWlxtXx0yaBntziDBDBIBVruOSES52gIrhK30rdMVL3_Lanns6NpPBxUtYKNY3dRiZK1EeMoKCSPp5WcrvMOfcRWU7AubKEoflsgdZr6hkVtdaRUrnjA4JYi084yb2OemdYUIngkYQJZfpviSNj2A9cqroEtkRAKAmf-Bx1NrYx7gb2M7xBlMyjEdDMI2usYdpWr9lxoDBj-l2eIUuIUk1JqatF3NYHJwR5XMhPm-jDI5vvsW2_Dl7PqwFKXE6U1HFV_KTiWanJsnc1jWUnI8ixFgXnlm3tvoO2RwxjzG5EGIEJCCHAmoyy39odo9wp37oTgGeD_z4R-7TOZrarvqM0qw4NwM7WRcaYl5CJPGuFnGdZXatvHKxTNQshloEdwEu9D1kKSqer6tW761MGA_ISp9qWVQzjtx1FUMZSZEWuerfrPYuaoMqjFMwDlwev3qsJk3GX27O14TVTU7JlUQcKSL5-8sIUUS0X4kT5Tv3Kdi44QXEst1j628sKiAy0CQ0BtYmVMExZwXI8A5nXatjjBJY88Q9csu1WDRkAaQKef8zrY2yjaK1turlA1w-64t6DXgJWiXcW1rQ_Gc5x2RJRPKtSYjAHmQTSrSEsddzxP48DNc4CZ55u6oWu5n7xQ1hUhoTsOvdFnBDU-XoxAzFWH3aWlWs4hoxc0YC0oyukyUEc3df2wRYtPglMWlno2FKZzvQEjEOw5iO6BPfB8G4ehOu4NaJcpHlv91B0t9UXQ6nlpfwdDQ19Gh7GEXAQMMI4jAhu1Ye-kZ_eKOhwLglLE48GAGGCMWe4HDIptr5F74GJVxTWjcbcDKVsmlbRK4fH-MwStGPTo27QOQdIty8nIMmDAmSDNWrrL6gZc6M_l8DKg0s6D3xEz_Jpz59U6oK-YhtQ7HS7FMQZmYr660aNvUL4zH0PNH9LgPIHecWnOno6rplobM_glRXVy0IhJ8z1FF4EqbILjzUKiWXdYdSd9ozHsuSOBZzZwxgxaJ1wLk--b8zT0XUxIpWozb_hzV5MCrLzjsIz-AFiDvryq0nWEQRmzbWDiRAfME4iZuA6UwtLnP55doWbU1XCwnNgd7iLvxn91fDv-AnUdyL3vrjpnILDaKum09gFNRztMv8dgTg_obvPeB42YKU_JLci6Q9ICIHaus3lvyJW02kAwBjVcTWPjqcumZXqKtrkFuM0PaGDqtBy6E5lkcEFk8t8LOIH7c8-Tj2Xpv4XGq6DDSDJasD4LfjrateKN-cBRe9S86SKncs9LiM5wyOuxKhWn0TGGNv_3Lhr7SGoDVF7OrQVVnZrRN1bpQE5TFqty-cQlfYyKdbNE-z4l5tOiQPcxae9XG2wOBmsrGQ38UNPVWJSZvr3XrYQ6wapLLDAocUy0Go-gBaf79XzprQgib20Bph8giBaFouy4k0vp825ZeNpy15SjbNzboKI6kVVQLbNiAZ2cJTHs16O8x3QzJXL9UfUyenMlrM2RkHTPjh4wUZ0rcYISTuVN3InQNyRNlWMRGtUlAiwONl_AisSmSajsqu_P5kwfwqWC_0PTbLKUjVsiuWPCwqXI4EZwAYfOjVfvQJul_1_4IOZjv9P8bYlg1XqhvErfMgbPqziqFJawIPVEHG9rxeIWeAR5Sgle_ORY9IsBc3kSUYL8STPtW4m8Q5B6N1vpadAx1CGhYo6K9zQ-0mHz426nZ7KbOoXO0Vv9U5Gepqj513NSx7kgLO_rc9d8fEEoRyiFnqTZPs4BwIrhXirGhH8rH0_P7w2kBBcoczsFMDKkbJn5_6hzbifMBy4ITiWVRIN4xM5TWlNWPI5zSWIlSBy5lUH9zjkc64np9wAenQKhCGhpCsOLBDq1vnbEK8bc1HrHcazxkAHhQuWsqnVqDZ6cg1XV7ITadxXHh1xWqBfGjhZFUvo78BzEEG8baZx3O_NDBySGB91i7ihoPWqmVaKyEdOjdUPQg_GU--1HWnDh9Kpy37ec9u379_qTU1QYemUR3JyfLhEsLC3zhVreGEmqWchgc3XyQKboFbbGDIjLE7-dc22Odxn0dW4FZn5C-pJaroJKjLikb1Hy7E-4f1PaHgHPBpMRUnGpw0RQKGTMCcQ0h0QbrL0jD8UGuRkIxIoY2QlDBhE9cZgTnhnaGUSJRETOb39sv1LNpzQv6zLZ-UeWvoxPTAA80iMuIqm2BWX3hyDFECdUlQrmjn9-iJ-22l0gT5Z45X6zD66YwZSlXZmOQ3uwd8vREbuOSHGM2Yk8n0F7w6P5vKqoGj5Ow5snn2tar2KU65Wmojo0wMWma6Og-YW94cPA2JvWZ-kzXkqSH-vZMvULHEaoGmWxrOqbytWh8Cpw-HSE6PuVTNBPYk2uR005o4IPqswxoGrTiRx7QWvM-rZ19pB1EfDX_126zsk4nwYA0lw-jf0xHnLCjMtqNZzFCwtejbfv020pNh5jWaAveGjy4fbpOK2GBastyAy6bBbFxC4xQzHPNFdjnbOfdw6Y3EIZyrOrWIJ1ggOPrtLbLdQwABAR6x9hp9T5lklfWUZQHUu7gsuYlg6J7I8XBKsr9JdppmQeNaM8yaNudtf-FUVTEtz8BP2zp423CKtzWn3AN4i2gmCr2HYgzKO0eD5aQw3oj491qEQuYfUHoPkLoM5zb3FBHE3caJHCIeCjIL-I5W6naRxGolpa9xXEQckb0HPCk4UKoO8BMQU7Gnzo7SPIc8VjO7DRh8uUnFvfU7slRgnkYKL6BqrHdZgQM58M5a8JiGkEO1JfkTrEF2wdSQxhukLNgOISNcTe1zhopNYA5y1m6Lu8u1kuPqmjPbAwQrFoCTIx54t2otY_-A4IBNoLH20J1SIUiYHWblGVtwDJZVfM2BlQcwvhsIG781r1JSd2DOZqPpPD_c0pb7-nYDdt9lPgoCQB9DDy--UMNA8QC0N9VJYBM57yDt5VZfRGm85PSCqVTkrhEJz5w0QqHutoS7-KFwXxEdaB-smsHSLoktfdb-niPP4ju27OVOsPDG5HRSHK19T-76vR351MsWeYdPgk1NP8FMYVH4rkpv_j6rdwFadpa-SALAPhObezyBLySYiITILwtXuqoLMSSIH9EsA6o4iF1l_XY9UBXx00yhwe43Aa8R-4HbGBlKB5-KKxDAWVHKBLXTL3lgIqmy2wmsgzl3gbZK-Nwd185bGaLOGhYIABIS5Gj8L1mOmdzllcn34ZAI_OpFYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:05:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 2AB6 23 KB
9 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:04:06 GMT

GET
H2 200 montserrat-semibold.ttf
cdn.haibunda.com/fonts/ 44 KB
44 KB 194ms
193ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-af50"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44880
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 container.html Show response
6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8655 6 KB
3 KB 23ms
23ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 13 Oct 2021 04:13:05 GMT
expires: Thu, 13 Oct 2022 04:13:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 opensans-italic.ttf
cdn.haibunda.com/fonts/ 38 KB
38 KB 192ms
192ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-italic.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static7 /

Resource Hash

bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static7
cache-status: HIT
etag: "5db2a88f-960c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 38412
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 banner Show response
www.haibunda.com/api/ 222 B
236 B 201ms
200ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed2
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed2
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69d5bbc0d80021bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 30 B
106 B 708ms
707ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: parallax1
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: parallax1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69d5bbc0d80121bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
88 B 199ms
199ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: promobox
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: promobox
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69d5bbc0d80221bd-DUS
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 132 B
182 B 205ms
205ms Fetch
application/json 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed3
sec-fetch-dest: empty
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed3
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69d5bbc0d80521bd-DUS
x-xss-protection: '1;mode=block'

GET
H2 200 icon_video.png
www.haibunda.com/images/ 231 B
460 B 17ms
17ms Image
image/png 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/icon_video.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

740ff21657f6ff1e389ad1fa52c059213e55297d1653888f767c043dfc2da1d5

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:path: /images/icon_video.png
pragma: no-cache
cookie: FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634098384844]]; _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63888
strict-transport-security: "max-age=31536000; includeSubDomains" always max-age=31536000; includeSubDomains
content-length: 231
x-xss-protection: '1;mode=block'
last-modified: Wed, 08 Apr 2020 13:50:18 GMT
server: cloudflare
etag: "5e8dd69a-e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
s: fe-publish3
accept-ranges: bytes
cf-ray: 69d5bbc0e80d21bd-DUS
expires: Thu, 13 Oct 2022 04:13:06 GMT

GET
H2 200 settings Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/ 393 B
395 B 49ms
40ms XHR
application/json 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/settings

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 69d5bbc13d312181-DUS
date: Wed, 13 Oct 2021 04:13:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=300
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame B1BA 18 KB
8 KB 28ms
27ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:09:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B1BA 8 KB
1 KB 91ms
32ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 02:51:16 GMT
server: ESF
date: Wed, 13 Oct 2021 04:13:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 04:13:06 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/ Frame B1BA 14 KB
3 KB 89ms
23ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.css

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 12:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 10:47:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 06 Oct 2022 12:30:53 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/ Frame B1BA 352 KB
122 KB 89ms
24ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

62a1871e4b6628d8e7ec4af963840978e11484ed4b96c5798697f01061a526af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124967
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 10:47:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Mon, 10 Oct 2022 11:16:36 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame B1BA 14 KB
6 KB 27ms
27ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:19:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B1BA 0
0 29ms
29ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsvfv8xfZ9iTyfoFKrF8Og35_BvtYG1_-7pg4mUDvELKflbwREoFLv9OaJCNce3v7DPfpsQz-_d4ENhDc3lGWQOk0I_w
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1E23 22 KB
8 KB 26ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 11 Oct 2021 10:04:54 GMT
expires: Tue, 11 Oct 2022 10:04:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A6BD 22 KB
8 KB 28ms
27ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 11 Oct 2021 10:04:54 GMT
expires: Tue, 11 Oct 2022 10:04:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ilustrasi-ibu-hamil-minum-air-es_43.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 16 KB
16 KB 212ms
209ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/ilustrasi-ibu-hamil-minum-air-es_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

91ecf3433ea550594b627301ecb6e7f1ccdee8b861ab48ef48e2376e5ad85ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"ad344e763c4dc9967df254a449d9eb52897d06f0"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tanaman-buah-mangga_43.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 31 KB
31 KB 419ms
417ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/tanaman-buah-mangga_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

a370458a6ec2f3885c58376f5e59124af3982b9c3d875b2aea4599cee0260150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"5909851e45839ef4716f7889582eee496af45f5f"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nasi-goreng_43.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 38 KB
38 KB 626ms
625ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/nasi-goreng_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

86d66cf6883784160f5a95009995428eaa9d2898819ac5bf27dd7443e85cc788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: HIT
etag: W/"07578814b89ee8e5757bd1e8126154632bdf4c2d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sAjEshWmleelSM0X+KzRXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sAjEshWmleelSM0X+KzRXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sAjEshWmleelSM0X+KzRXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sAjEshWmleelSM0X+KzRXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5BE 0
23 B 66ms
34ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 6bcadd65ddca5022b2642cee6f7144aa.jpg
images.detik.com/community/media/detikconnect/2021/5/10/ 7 KB
7 KB 571ms
198ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/5/10/6bcadd65ddca5022b2642cee6f7144aa.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"52e5ac4aac19a050a0f46335ed4c216fc4416462"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6b9fd8d81a98f06906b9d2816204f542.jpeg
images.detik.com/community/media/detikconnect/2021/9/27/ 8 KB
9 KB 570ms
198ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/27/6b9fd8d81a98f06906b9d2816204f542.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"e37ec18e2fd7a184acbfaf2b30891b7f28038966"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 86b1e3261456913bd43af15c131becee.png
images.detik.com/community/media/detikconnect/2021/7/28/ 9 KB
9 KB 571ms
199ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/7/28/86b1e3261456913bd43af15c131becee.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"55b98ae6b531b04d3d48a89af72b82ee7bdfb38e"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a770264d95ec2894a075fe8d6ef92d13.jpeg
images.detik.com/community/media/detikconnect/2021/9/1/ 12 KB
12 KB 570ms
199ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/1/a770264d95ec2894a075fe8d6ef92d13.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"15915358813f060d7da914c8be5e093e829dd148"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 466dbe57f8e363aabd1a9b50a7c91dba.png
images.detik.com/community/media/detikconnect/2021/8/27/ 106 KB
106 KB 570ms
199ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/27/466dbe57f8e363aabd1a9b50a7c91dba.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"854d875fc634f18d21b52184cb9a221e5f744288"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 38a36b0c70b63b95a3647df21c9f1d7f.png
images.detik.com/community/media/detikconnect/2020/10/1/ 10 KB
11 KB 569ms
199ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/10/1/38a36b0c70b63b95a3647df21c9f1d7f.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"3fca812151aa290461d41b4eb4f8765c63874370"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ed9c1e05b1011a2d613daffe3881570a.jpg
images.detik.com/community/media/detikconnect/2020/9/3/ 8 KB
8 KB 531ms
530ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/9/3/ed9c1e05b1011a2d613daffe3881570a.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"3d95b4a2e815081ac921a748f884904ef83e6c5d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 62c4fd5303d433a0c16c7cfc99710ad4.blob
images.detik.com/community/media/detikconnect/2021/8/13/ 6 KB
6 KB 531ms
530ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/13/62c4fd5303d433a0c16c7cfc99710ad4.blob
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"cd19d9d478b9d0482c921df7a91e5e41836d0163"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5ad4b128bee190d5b762e7601bd40399.jpeg
images.detik.com/community/media/detikconnect/2019/6/10/ 7 KB
7 KB 531ms
530ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2019/6/10/5ad4b128bee190d5b762e7601bd40399.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"070214d212805fb8cc87ade1b019c490e1fb8cff"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b89e7a1fbe0b81ddbc520461da363466.png
images.detik.com/community/media/detikconnect/2021/6/14/ 8 KB
8 KB 532ms
531ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/6/14/b89e7a1fbe0b81ddbc520461da363466.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"77ece11e8745a3b41c3c2c4a913547a7d98d6539"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chimy-wanita-ri-di-finlandia_11.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 59 KB
60 KB 610ms
610ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/chimy-wanita-ri-di-finlandia_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

78465e3fc2c77fc3fb54e488c5426bee5cbb5923f5448639a4db854a4b71ab4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"a9b82a63c9afa509f6dc64806e601f7e6bb59c70"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mommy-tarigan_11.png
akcdn.detik.net.id/visual/2021/10/11/ 35 KB
35 KB 610ms
610ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/mommy-tarigan_11.png?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

d6eafe961efaf1d688fb152b090d4c09e3a7da8dcdb11a83f94acd6cda182cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"7e6753620c9552c66369b2b9657346832f2b5fe5"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 variasi-resep-sambal-terasi-bisa-dibikin-mentah-dan-digoreng_11.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 49 KB
48 KB 610ms
610ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/variasi-resep-sambal-terasi-bisa-dibikin-mentah-dan-digoreng_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

2096f9909f6f7c1edbf031b4ba9c477c4235b53b7824053a6ea92e9dc28d5745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"e0ac6092facc77f6b9a7efcd1274bc6c98e8e372"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 potongan-kue-pengantin-pangeran-charles-dan-putri-diana-ini-dilelang-rp-81-juta-1_11.jpeg
akcdn.detik.net.id/visual/2021/07/31/ 53 KB
54 KB 610ms
610ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/07/31/potongan-kue-pengantin-pangeran-charles-dan-putri-diana-ini-dilelang-rp-81-juta-1_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

6119aa7a69886441b7e146ca328ef98c47e6c7d0a0f0b1acdb0795c9f6885a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"117cd1639f819bce60cef92dfe410642a721c943"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1213621560-1_11.jpeg
akcdn.detik.net.id/visual/2021/04/02/ 36 KB
37 KB 610ms
610ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/04/02/1213621560-1_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

c76dba67b6f1b94c9022490036c5c212ac16ca312137daa0af9953de5dcdb8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"084031f18eefeee45f2846dcd46e431fdeb19ada"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6910 1 KB
749 B 24ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 08:58:57 GMT
expires: Wed, 13 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69249
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C5BE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec797cb04b53bebbf4ec0985c87d54815545a17a06bfaf6341fd0b54dd4ee233

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/10774078/1632247683405/ Frame 8184 13 KB
4 KB 48ms
21ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10774078/1632247683405/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d410b7a616257b3c3565614e9126f6e40307a1437cd8cf859fa04c1ee0be377a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10774078/1632247683405/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 3745
date: Tue, 12 Oct 2021 10:01:00 GMT
expires: Wed, 13 Oct 2021 10:01:00 GMT
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 65526
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2AB6 0
23 B 34ms
34ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPYFq5kCCzVp9EpCqoXC7ZJYA0R2j3kSc2ayJuKng6YNI4FTavw9Jizgc2LOO7Lcz-drhES5jf5VC3e1JfMTUTk1FpX-EOzlKMMIU1BJskviwktgHmOyMbsX9yCxT2RSVByIce5A_G5X4jfrZLjepJSs5S&sai=AMfl-YT3ES2Pl5nw2COAWUy5ZQ-SI3YWYJ19zO7TyrMZEa8Fsei0y-gFg3Xi3jgDVdPLIxVMx68jMXkV48BiDx2mzBtLxBT3ilrTVgo&sig=Cg0ArKJSzLJ58TTyL5TkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&cbvp=1&cstd=338&cisv=r20211011.72493&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 11 B
108 B 15ms
14ms XHR
application/json 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 341
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=1800
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69d5bbc28ed92181-DUS
content-length: 11

GET
H2 200 iframe.html Show response
static.vidy.com/0.38.5/ Frame 2A9C 170 B
451 B 14ms
14ms Document
text/html 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.vidy.com
:scheme: https
:path: /0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-type: text/html
x-guploader-uploadid: ADPycdvYWaFnAxe3Go3MjHYlm7IKBbvZ6BIyOk1Ln01hj3JYobwmX4QUfDmZ07uLpTdizB91KtM8FDCGcSeTCb87G3s
cache-control: public,max-age=31536000,immutable
expires: Tue, 20 Sep 2022 17:33:34 GMT
last-modified: Mon, 20 Sep 2021 15:27:28 GMT
x-goog-generation: 1632151648524711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170
x-goog-hash: crc32c=L2PN0Q== md5=30+26Rimyfs6gQOLghFtrQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type *
cf-cache-status: HIT
age: 1928431
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69d5bbc28c0cfaf6-DUS
content-encoding: gzip

GET
H2 200 embed.min.css
static.vidy.com/0.38.5/ 159 KB
36 KB 17ms
17ms Stylesheet
text/css 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.min.css

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1932281
x-guploader-uploadid: ADPycduqPyFVIKfV6T2GZ1bIAPmDPlp2ZhweBT_GW16mAfK2oePo4NC7dH_-XFP8-SJ7VULDW8zmBhQbogoLo1L5Nno
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:27 GMT
server: cloudflare
etag: W/"d625cd0dcb9328385d986851871fcde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=LJbN1g==, md5=1iXNDcuTKDhdmGhRhx/N4w==
x-goog-generation: 1632151646968836
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 163315
cf-ray: 69d5bbc28c0efaf6-DUS
expires: Tue, 20 Sep 2022 16:39:55 GMT

GET
H2 200 alive Show response
api.vidy.com/ 2 B
62 B 15ms
15ms XHR
text/plain 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/alive

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 341
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69d5bbc2af002181-DUS
content-length: 2

GET
H2 200 indra-brasco-1_169.jpeg
akcdn.detik.net.id/visual/2020/06/04/ 21 KB
22 KB 551ms
550ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/06/04/indra-brasco-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

f4c662e288994c0f5be39f038859572824c8e2e44f319d17bb0df36837a77879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"024d6c42a7e8d2c698fad4ceb0299d2f2f3ec218"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 industri-k-pop_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 26 KB
26 KB 551ms
550ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/industri-k-pop_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

bb89c8942fcb6f60e64e1178b76792a89b549cb044ef282921c37117d2bb89e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"21578927aff30df84e8f6431c7fbc685e3571ed3"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chimy-wanita-ri-di-finlandia_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 20 KB
20 KB 551ms
550ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/chimy-wanita-ri-di-finlandia_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

001d81224ef63263b78bef8004b51e2f23453c0832e67955f1e8012e366a8a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"da794248743b5d73819dffd89535570139f6b915"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 variasi-resep-sambal-terasi-bisa-dibikin-mentah-dan-digoreng_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 20 KB
21 KB 551ms
550ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/variasi-resep-sambal-terasi-bisa-dibikin-mentah-dan-digoreng_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

3a744ac7ae91aaf58cd2e0a806f5eb2caa539fbef35514be5cf05fd87a4a62cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"d1f7e1f99f2eb9778ca3350b62cec59c3a95a334"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9cdc10b8-947a-4bb0-bb60-5e2a2826c6d6_169.jpeg
akcdn.detik.net.id/visual/2019/05/24/ 13 KB
13 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2019/05/24/9cdc10b8-947a-4bb0-bb60-5e2a2826c6d6_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

b05414f908cdffab3fbd3f03584c35ab0fbb59276655971e1467ba2479f4a18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"f26fd62f7f01ea82d00dab5ff3f44d3b720b6d80"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chimy-dan-suami-bule-finlandia-2_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 20 KB
21 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/chimy-dan-suami-bule-finlandia-2_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

c2ab53e7f7c47fa1a70f8cc0add134ea90ff153cd07cf32bdc85abb9a73124f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static6
cache-status: HIT
etag: W/"d10566272d22b1a04f7631840e26878f0559cf5b"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1213621560-1_169.jpeg
akcdn.detik.net.id/visual/2021/04/02/ 13 KB
13 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/04/02/1213621560-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

2b2d91fcca8a58b653c95398401e92271af5ac86aeb0f84a6878215107f98504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"68ef1ac0e66d424c7ba3afbc5abb0c3626416c5f"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mommy-tarigan_169.png
akcdn.detik.net.id/visual/2021/10/11/ 13 KB
13 KB 547ms
547ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/mommy-tarigan_169.png?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

46c050dcbc10df4efd77d77b95a0bb4678b0cef73871ff3545d2f626ec607abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"bec3313daab4bbaf9991c74577eaf03a788f7952"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 alblen-filindo-fabe-2_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 25 KB
26 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/alblen-filindo-fabe-2_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

1fa3871ce75ac125ca3433e4aa49b82593f5a7ff714e25f8bc024209d6dcdfc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"027951c8d08e2a13bcdab5b57132b6e7868320ed"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f2f5c3c8-2b3f-4c8e-bf71-6abbe769745c_169.jpeg
akcdn.detik.net.id/visual/2020/03/12/ 16 KB
17 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/03/12/f2f5c3c8-2b3f-4c8e-bf71-6abbe769745c_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

50087caeb96cf9fe0fdfaf69dc238239d279d218ce187a226a3a1a1ebfe75e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"aa8812409f1eb19e9e3b7b4e9b8bd50cbced4ff7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-matahari-dan-bulan_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 10 KB
10 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/ilustrasi-matahari-dan-bulan_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

384f00915d742ab0886f52d8759c78f9463a0bc8da3dbff04516e480f0d14529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"d4cea4a22e434534828994d1aff49703dcd9a932"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mata-bayi-1_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 13 KB
13 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/mata-bayi-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

f5d974cc7abd474e71ebf34802cc4eb2d2bed3d5d5feac9fc54ef26295f502f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static6
cache-status: HIT
etag: W/"e5e1a2d6aa9fa1f49018402e98022bee964591cf"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-menabung-1_169.jpeg
akcdn.detik.net.id/visual/2021/05/19/ 16 KB
17 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/05/19/ilustrasi-menabung-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

bbad19ca3686c52ad9eec54ca1294d017e561b5a9e945cbcc434950169480cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"520b15d2a522f4788958365a2bc7adfd74523ff5"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 baim-wong_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 19 KB
19 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/baim-wong_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

6a9c9a5f3a2b792434bea24166ece81e37079eff5665e437a47ae54bf005c70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"796f0101e51be3a121914b3aa741e27cbe5e7921"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 potongan-kue-pengantin-pangeran-charles-dan-putri-diana-ini-dilelang-rp-81-juta-1_169.jpeg
akcdn.detik.net.id/visual/2021/07/31/ 23 KB
23 KB 547ms
547ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/07/31/potongan-kue-pengantin-pangeran-charles-dan-putri-diana-ini-dilelang-rp-81-juta-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

f68d76cccf9c08b759371b06a2c8502329adff94d5e8cafc28c9d566bd986eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"f616f5f2948046c047a2c409fc3f18db1849e6e3"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9p4mwE7B+5Lsk73xRrWQRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9p4mwE7B+5Lsk73xRrWQRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9p4mwE7B+5Lsk73xRrWQRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9p4mwE7B+5Lsk73xRrWQRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXG7PXWGgrRVr2mvAwciv8VGqlRG-NQ-hTHgz7K38tTPoY_-EHwpcbrXkE7qWvXkkMbQBiqSbUr5jxbT3Nzvnid-B9yJxn38usBRIcIHc5HhRswE6kRvia6KSyh4zoUmmbtgqjX_Xil3t-xBLV5OJO1KbkxaMmT_LC7FmAWnQVDfQ6TkmDwEKW1j8wh Show response
fundingchoicesmessages.google.com/f/ 44 KB
16 KB 52ms
51ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXG7PXWGgrRVr2mvAwciv8VGqlRG-NQ-hTHgz7K38tTPoY_-EHwpcbrXkE7qWvXkkMbQBiqSbUr5jxbT3Nzvnid-B9yJxn38usBRIcIHc5HhRswE6kRvia6KSyh4zoUmmbtgqjX_Xil3t-xBLV5OJO1KbkxaMmT_LC7FmAWnQVDfQ6TkmDwEKW1j8wh?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MDk4Mzg2LDQ3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

6ded256a0461e30a578ade0f02f04b9586f6604752a1e5e7fc049f565d34b3a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rd/UbaCHtX6h2eAZ5S/2cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rd/UbaCHtX6h2eAZ5S/2cg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-rd/UbaCHtX6h2eAZ5S/2cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rd/UbaCHtX6h2eAZ5S/2cg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Cf-BQCttwRs.es5.O/d=1/rs=AJlcJMwLuFu2qvIqyV3Nw_hrp3LH7iHNng/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gwl1bwzeDHsJqC7XO1NvWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Gwl1bwzeDHsJqC7XO1NvWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Gwl1bwzeDHsJqC7XO1NvWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Gwl1bwzeDHsJqC7XO1NvWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5bc71a71-7bf6-49d7-ab62-2aebfd62fe69_169.jpeg
akcdn.detik.net.id/visual/2019/04/28/ 19 KB
20 KB 538ms
537ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2019/04/28/5bc71a71-7bf6-49d7-ab62-2aebfd62fe69_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

e5137605e5262b89a4cc2befcf53165f1fd42bd9fa84fbad04af0abe2b1451f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"f6de2301631bd02abc1e39148059f103b8a133a2"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1003977018_169.jpeg
akcdn.detik.net.id/visual/2021/10/05/ 15 KB
15 KB 537ms
537ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/05/1003977018_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

684a09b1d6b0cd7d88f89d43c29a26ab68a408cf11aabd37032c821ac214bf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: HIT
etag: W/"c1552b59d0bbf65ba8486fca92a41e6eb7360fe3"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nasi-goreng_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 24 KB
24 KB 537ms
537ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/12/nasi-goreng_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-102-221-49-103.detik.com

Software

static1 /

Resource Hash

856da369b5760a486d9b07f839f498bec08ac2cbf160c9aaffce4be21b2372f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
iresizer: ir-static6
cache-status: HIT
etag: W/"e368c4fb42fbf899b63b4239a02f39987bea99e7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E4E 640 B
316 B 62ms
32ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm1DAt9oY7tRrEkN41nsiRl0rLRzJVqo88JO7avofmynRhV6N_01O1nipg27oM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 13 Oct 2021 04:13:06 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8655 70 KB
28 KB 81ms
52ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIaS5H5Rexohs75FMaDjVJaVSjgbXYk3f0jnpwTBxCVcP683yxFVSQZ3PRfE06is-ZIUhF_znxtfpaMPTqe7T7SwTze6PRipXuvNnrcLD-sMOmE08Ad_sJ65AQ5p6kW9C88g-ZwVqahSUryuddeSmsJ4i4HQ&dbm_d=AKAmf-DTq_vpoh-WqHQikA69vxq9qpUzg26Fr9EvtVOkGtC898CH_em1a70au5jc05j6k57znKb2MItvXxqX52EH68r2dVzhrH74Z9jS29Q0vUMt4mrI7sQjeW2OU6yR5LDRXB1NJppX4Zb9iYikTHSYNEEbkpFAYegQWc3qGbu3yFfy7vnxb4Kkr8Z2X58RuunuxIN_jABrJvKdEn5GxqoOIbjS-NiMeCJ4Zp6h6YFxpC5YPVvqCHIvfXZ4eGa7JFLc64xFZrLkkvEbZuWISdGTsOpdp0d2HfYLFvwkVmS6clXTSmJF62js2_TPH0SmI_1WcZ3BYrdcSVr0KsUBmCm0qop3IJffb-oDpNChuRYWHoe2n0JtGPn99bbiTGSPwt3-hfmEYGxYzqri1smIRX3C8v6Rc0J3kBJpGKxsdRTdP0EEIHg4bwAE6fxg4yuGzs7P8fienbVjPf3CK--NWYJMjqExa7zQiHN0If6-oZaONHmLFYq2y_ZEpoHXPzcwYFCuVRQj8rBEpmJLbOYBWcGwy9sOQEvnParXIq65tKhBpBKWxTNZNOmX22IiNEmkeTgPN82Spc2V5k_KdgfLYG4DBQt6GtEpMBqbri7Iph8MslkXRgut8CvyDT028Mwl212104tNP5-ns4j8NhzcQeFBRfswWeIE4yLZA0TXYxurVq1E5qDiGrtr_36h70QP7LH03doU7iScX2MAl62degCzKgOk921UICKO1ytKdx1u_9M1A5wc7MN8qLePVtpwNV1APZj6dSznTU3OckxABlYu5-_eG7l2G51o9tSJYJNXSjkRj81UN9okm-Eg5nthhS8EohGfaR3PkuJMlDKLjE4VtAFGioJZad3cv7OqePYWiKjyXtcymAyAE3JjFNHndCtufaJCUvb6jTOyUtANph26NneVYLrjbLZzOhRgNc45WOAu2r25kEvhkq7nFFNsxjcoMXWXfwuD3ZInybR08rGqpTpaT5nPlGQID4WsMjqi__Ic3DSMrD_V2MIcA1xzMVsZSb-GBq_0qaS0vc_pI0Ua6tEZcnpk7fQHWPvIvGV62PxZy8CZMjFlTljFPMDwSFkFT1tJZiVtdoE3v7AXDXZNqL1P9my2AKLlxmWWGtrFHhJuomOL8ynLljPJKRw_ovc-ru9UVu046AVgdefOh2dLlhatI0X_9PO0q2OmSzWn3U3SF1VA26AsjUTzwcYirxHTFonVIJ-4aRT0jiYzlMnR_sQYaM8u9oziLyhqa4ZWi-FOefwlqPE0Ag8QASDlkTZoZZfgVBdunK507-VdAgWOHi5HWU8h5BRC13VI7cBXdCI5O-w9LHcX__zz7sIm6wFfEoxfr3bMuP7ISue5bIpbPKSWO-6ZZrffiNzfaXSHYxnuIhvmmJ4c4A1hOXRlYvOGeaRPdRUfciGdaXmJy0hhHGTnZ-0IuZmvzINBGTWnutC4SrumelrL-nn8ySed9rqRorY423bg-aQityx3rRuL_Jj0dGEsDR2udmNBvtakjEjGhI_GLRfd1-ai35rYLY-CFzDszGtAyFNhpd4CZil8c3VGjzIbEgRfXeVFQ5jz59q4p9_dqbQCygZH-UZdY4R2PIaBmWf_ttxQ0RzN1Sfxu5k4EN38fzwqrsHU6BaXSerd2kV3LEppJ7d1AOXrYGct3FNqu8v84q-rB29uqGkLSvx6LgKvJIJ0TsFUFLgsTurfgr6bgDB8Gkdsl_3OV-MgDoW2-ESUirF897fVTssqI9TL78XTmb1AyAQ93L9a843ae2Rksxy3mJFEoAJuV7Kt_C6QpEuNjKCSnM9Y9ptAWEPMC3ZqY_0lNUC2ryZ1DKts1gViJPuozXl6DPHZe8hTdHemg4Eh9HJa6jy2OpljZflTtrFRw-CMO6cj1B6E5l9-Pz9QDxENUvPYWJ6wEn25KVpsj-DZ2ObFYj9F5bCfPd_yy32DtJHDy7go62DIipeCAKVRN9RhH1g0Ntpf_pzzYO5IXCx4k28MgUR4zmM8KCtO_dgykw52_CfZEriF9lDynFhTz6aWLbC5LU0rIIWXKU81vJQz-Zhdy1npDEiKmo1q_DrLLNDJ8pLMJT9iavYaVqBfGpm5XzA8eWYNrQpvB4ue7bbVzQ5BCH6vRgumkWIBfENJQGPfp9Q2PQos9aQQ4ApSyO9QPYneN-qWM0D7psrxIohp2NydyX6OWF1xgYCfUpxDq7K6eOovIqmStYqkzlUKT_ur2Z8QG_2-INVboOhpTOjNnpTXrjSpYBwV_uhohANDQcMZiauH0x6oKhQYKhBc0KqtAkPUL9MjXUrUMOp4QuVfmtozSOZ1anD5gzQOnMa5Bhpc8HpA0gXbG1X5dTPx5XA7KZO4FOJbWqjq6N0A1qz7QUU6w5rGBzKdem4qyPQVKqTGhGJ02OxeMpeBqN2pQQ5X_CNwfcAWt8XTApCdVpuUZErlnp5LoySn9m2hEL-JtF1BmzJY0AJDSvdf5ZMRM1qO8eC8YWVvIG7qc_NgPWNEIW9U00D1TLtQltt8VU8yrKTdJc-yDPQDe-M-HL4BdmdofiS8_lrhzDtM_ECWe62635EyD2G0bPlEQ0w73MTnBdQbRL8_UIkOnhOEexJ5cCP5FR0arhTujnueYYywKszMjBOGjlgsxE6vUeTpX_C8QbyjclUEvRvYZOwAGKeoIw3IAc7grCtKNOv4vj9Fp27a5eMuNgLNMOvrRK4O6ezpnXl49mg09CukCfBsVfXrHWHozNUANza2Ysu-wI7n0Pb5rI9oKKhR8TRBP2zh6tFL2ad4x2-Uw5Vo9Tf8LoXLYtYxiUEc6Fzf_tcOuYGOhIH61iCp5XQKUEq0ywx__e-RHIQdpXMvHk8YPWrm1HgyEE914tGE3GoOEi68gF-QaOPEH0iNz_CnB0C0DKGOQ7Gh5sFTXltmU_VaStQH1_rv4_wKgQELvf2_29UnyQcwZc0GwvxPvhk2IpGBgnPusyTUQzqr6suaCAJAe21_HKgfj3Y&cid=CAASEuRobqJYYV374uGx1jT2VphUSA&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

88306f2686a5c243cf49c7d04099a6d719e931458a7129b9c55edba4859d1aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8655 42 B
63 B 44ms
43ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ae-8BRWs-0VSjZ6IX4jCOZM33octcSZqemsXK1pm1bbFGIL7yH5H3-NtlCLX54-PW1kbqDcvvBeN0rga6GHXJDn6XOshidNQvh3h4A3LXF1Cts6Tk

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 8655 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:08:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8655 123 KB
37 KB 68ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 04:13:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 8655 14 KB
6 KB 28ms
27ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:19:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8655 0
0 29ms
28ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQo2-tzjn-ZyPj4mNgPyIgQTilbGK4tAoKv8XHm82ldv341sZQOr3mGbjsdWDa1HeXd_BJ8XjQ6OHYK_hO66DimGOlfAw
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 77ms
22ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.vidy.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:59:02 GMT
x-content-type-options: nosniff
age: 134044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:59:02 GMT

GET
H2 200 montserrat-400.woff2
static.vidy.com/fonts/ 13 KB
13 KB 24ms
24ms Font
font/woff2 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-400.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycduDMiJVe4dt9xqexd_uNll0V2J-6s2bFWDisCDrOm5Xj64fzL3phjc8WFFqezoSQxfwmIZf4PqzywT6ayveLoM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "cdd5aad3fd6aaa1b80d5119924cd0d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=QsfZfg==, md5=zdWq0/1qqhuA1RGZJM0NUg==
x-goog-generation: 1565990312626694
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age= 31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 69d5bbc4082a2181-DUS
expires: Thu, 13 Oct 2022 03:47:59 GMT

GET
H2 200 montserrat-300.woff2
static.vidy.com/fonts/ 13 KB
13 KB 15ms
15ms Font
font/woff2 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-300.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380086
x-guploader-uploadid: ADPycdtpu-47wlgDNNfzLwkYhCYtIWMAhcZDbGYHRXtihB22sPu9Nfk0k0jvMvVtBXpMfukBl1ubb3h9S4fXeaYUeog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13080
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "de24050b75ebfbbd133cdc9b72c42f27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=Lybbjw==, md5=3iQFC3Xr+70TPNybcsQvJw==
x-goog-generation: 1565990312627687
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13080
accept-ranges: bytes
cf-ray: 69d5bbc4182e2181-DUS
expires: Tue, 13 Sep 2022 02:46:43 GMT

GET
H2 200 montserrat-500.woff2
static.vidy.com/fonts/ 13 KB
13 KB 14ms
14ms Font
font/woff2 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-500.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380086
x-guploader-uploadid: ABg5-UzOqhLUP_9ur2htVQrfGt_O1AY2rqSezeyTDNOR-B3MvoBlkCmclWRkqYIUlnRH5-1HCYEbV1Mwi-FE9w48Zd8Mc_fMyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:31 GMT
server: cloudflare
etag: "99b4803ab7e53e3d5c2db534a3828caa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=VvdztQ==, md5=mbSAOrflPj1cLbU0o4KMqg==
x-goog-generation: 1565990311428633
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 69d5bbc418342181-DUS
expires: Sat, 23 Apr 2022 05:19:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F0B5 1 KB
749 B 23ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 08:58:57 GMT
expires: Wed, 13 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69249
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2AB6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6bade614128f0371a0d733500811142205735a457f49332e3b3feea84d395a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 1 KB
758 B 212ms
211ms XHR
application/json 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=3717%7C3718%7C1514&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

1801f4d6d54e936e5e50a353ae6cf677e6d61a14fd258db9c9477f380b35c067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive10
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
29ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 83ms
36ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
168 B 61ms
61ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1117915544795561&correlator=2546802266977032&output=ldjh&impl=fif&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=4905536%2CHaiBunda_desktop%2Cnewsfeed2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dnewsfeed2&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie=ID%3D5aae958e7da0d16d%3AT%3D1634098385%3AS%3DALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w&bc=31&abxe=1&lmt=1634098386&dt=1634098386628&dlt=1634098383743&idt=1372&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=2675&adks=3865697788&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x4675&msz=750x61&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1770791578.1634098385&ga_sid=1634098385&ga_hid=1520872178&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bf1e21b3df263a7e82d0847f4878fd4dd5bc54d2774457d1c52a38fba6b47440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 401 B
702 B 208ms
208ms XHR
application/json 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=%7C%7C%7C2679&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

f3a24d319609827c03f0ba4ec0aa3748bebf602632879d62ccfa90e32e56e296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive10
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame B1BA 0
348 B 138ms
41ms Ping
image/gif 142.251.36.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kuozzkrn&c=1832559179652&slotId=916279589826&qqid=CLu4se7CxvMCFUI-4AodUowIfA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.36.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: muc12s12-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B1BA 15 KB
15 KB 56ms
25ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 560481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 16:31:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B1BA 15 KB
15 KB 50ms
23ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 560485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 16:31:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1BA 0
20 B 45ms
45ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXd1E0VxmYfuLIcL8gAfSmKLgB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCV4pCCoAegAaH1-ZkByAEFqQLdyfu9QV2zPqgDAcgDmwSqBOsBT9C3jtJVVAWx0ogM6zzAWoQEyL5BBP30YvIZrSdqKrMsepNB2mXaiJcT3gKsQz5GQ8EcMCHBbmi5xkNrKS7iGQtUMPwurwMYoPV7R46hyc7dLuDmcbrgs25juAE8LvUvgaV0nl5GjuZGd5_gMR89jEZsiMzhDGj6J6LGijJ0SGASfoKa7NGD_x7nppedE5aYYYeRsY5E2m77ZGRlQs_sfYLTk50wXDwERB2Kqit4mymPvzQGrzagyyqZ28DCb2g0vS04IzOK76dkaKj0q--thZ3Sxs76BqdFUh-mOxxF5QWndItdSEupJlW8QMAEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUuQzYFAHQFQGAFwE&eventType=clickstring&clientTime=1634098386666&ai=CXd1E0VxmYfuLIcL8gAfSmKLgB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCV4pCCoAegAaH1-ZkByAEFqQLdyfu9QV2zPqgDAcgDmwSqBOsBT9C3jtJVVAWx0ogM6zzAWoQEyL5BBP30YvIZrSdqKrMsepNB2mXaiJcT3gKsQz5GQ8EcMCHBbmi5xkNrKS7iGQtUMPwurwMYoPV7R46hyc7dLuDmcbrgs25juAE8LvUvgaV0nl5GjuZGd5_gMR89jEZsiMzhDGj6J6LGijJ0SGASfoKa7NGD_x7nppedE5aYYYeRsY5E2m77ZGRlQs_sfYLTk50wXDwERB2Kqit4mymPvzQGrzagyyqZ28DCb2g0vS04IzOK76dkaKj0q--thZ3Sxs76BqdFUh-mOxxF5QWndItdSEupJlW8QMAEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUuQzYFAHQFQGAFwE

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B1BA 28 KB
14 KB 51ms
50ms XHR
text/xml 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D7u9W1Kktdmg-IVq_PXl0pYRfQ-BH5xAesZ5WsxhvHVtyMMGnEFlp7bFughAm98RC0A1LaEEmyDPL500lQLxNXPYhqGA&cry=1&dbm_d=AKAmf-AA-VUlfiAl5PkJLLzouTb6xQPVVXj_I3aJ1PeGB2gfemn9lk2sg3eks1SGN3Jrqki_dwhT4zRoolb-WKnsk119-W9Ec_zuDcNBv5Ngy6XqZN8x2PxFCsDSk4LFA6SRjcgzdUs10bMPkCcAw7C8hMMIuaWZF3ei6mUh3iaekk_gsa8u-9RfZ-_7bC4U6m4X47q6YWkYezEQ-25Y5y8PDMxYPb3_ozl9-5NRJmVNH-i1GER_70y7GltvZGF9v5ZgQolxF0G_nwplzEZd_d_wS55MwVSu1IADOKUlekEGXEhxg2ZXbYr19Ok3RK93vKv9iK_37V5lTbL3pqEcJlv4RLwXdncTNVikBYU6jN-MdFL7G6zp7OxYKFpCDSqNT_4Kb4DCxql776kki_3-ffhpB9XZace6x63ze60jd9xGbaECGOBQH2ZqOy4sbge4Ds0q2OzNTFcsSpbLNsDgSPl2hbr4WHM88N2z1t5eKPb9hL8X5c4lLla8t7gZEUlUHEkpVw4yWbSYwGEdHBhpwp0TF5zcR5rARC89_dYXov_4he4nTeYG97k_AJ02iOoWZtQUcHPyQcQ-ufY6zL5I6hRuSdw8Eh9z3Xi8SMGkENai439rUfUkwaH8IkSRwkxk4-LFyblfb7Io-CdmW8KwMxT2pynXyOUaROsJCNW0cDZNfvh0ZfSKVT9m2lRy8bHH3eLmUjpRZPCFdCMoo--NKvOOKw-IXZeyQtWe6G6IZXKtc8XHUUlMXyQT-qF-6OsyKdTYooasY09OSSo-023lQyDmY5kXJ91b8mjj39dshEvi1RXrAtHKXVk2fyo8FxamYpFIgUETQXFCC9eAHwUTDfVZn8y9lkODhM2jS2M8G2M3u8rp6wgwI5NLPhpwRCWci2QJlLwy-dWCbxZbGtW0WCY24XilotKKGWaLPBEgszqOBRdMYqj7Inl1KF1g53mIwmWAPmnpJzk49kodmh7lXepwBcDQfclQiAByw1wuVt1PLSfjxf8ZMoZkIxm0WAMHo1yQRJ6T7H-ET62xkpa9iDYwzypdksseJBGejXBvNf0Ulu7hpwEA3G_XiqpU0j1srGkDvFyOFjg6-jIoiJNfOLUCokgmCvsnze4WohvCSxH6J6LHvUL10ZzFSKlSpp1FMmrslH6QEmFbcKxK9dxNridMNyQZU4RApYjDHUSzpIb_W_PavpWiOaOC1ycwNCVfEY877xGPUqZ7v3_3iB42oU_9HLOiyK7RBlJ2mjsSQyn0Im-GxKiMgLa4atQxUSpzzJkA04QnzspLXvqBnHsaU4TwwzqwiR0G6Lh_6nAPbDpfnTMFzggdPv4H7hRwDijETBFEOF4g6i8_rBLDgHfGVBUx0KtPqpqxMe_-tEd8oWg03h_gzL3-Rvj_CIFwDCic8IR5s5rQDKqvZouvplC9Y_eMQwcuZSwJl4tBsfCNGJNDvVsarjykOx4yy-3GkDTOBhHLO4awoodgvIgSz7ulJuiXPp8c-sYkeR67hfCMYR5llaUjycXvKLjQmvZeMe0wQrgr0sjYnUkdbwIG9a_dlj_kCPwU-T7NcusVk174zNG48SlmlN6aG5nhIUAgKIkIU3Rbmucp8eEom_FpjKcIaTdAa3YMEw4H5w1vFKFVx9zB4bXiLXkqKmrYbXcwpaw1_2wfHHiwVwCA29om6pYdJxEqmN520CXuYA4CKIkeFLw96egUjq928UbIuDjdpuVDqBeSlF_NzTfuCX2A10Z6ktPMLC3_VrHWNDW0zy3JubI_Wa_zrUclPQCd_7EUBsBpX578j81o7yJlgoMV2i_AE_RlQ4j36DaAXyVjJynZqSaSN8P_wEPYnGsio0ex8cqAb3UfMHEsNJHgqc8xL5Geh0oWDlkGU527dOTUZCKVVY2ipEBRdQpw-xmghOAtqNsSFT4bAh60H-PGF4v3Ax5KLcvT15RqFEMaRrbANWDLfs3hkihWKJufHnTwj-Uq6qG1r9A4qUEQ1pxfYNbt8SFKqhB-Os-vk6I5Hn31Vx148f_xrtgpmjz19syBxKRQXIoa5H54GHOATuX1itmrkjfy25IQaIAssbFrp9Bdnt2xLc_XPFJCPUAKctvi3SPevVn7EcKl5PZzaS4wNXRA2x4Io9FsRqG1JOP2dF82pLrVKT-s2AqFLGp6-o-P-cxOQtRPBilD0kmS_XdwhA5ESMKCK0viq5Fv4NKWa47tlNpmD0TQyQRSbJQ5V_oVkqITJFsYMxNcfB6fywr5n0osKs6yOT4k0Z3i6ZLcuJnc3vaYHZ4ItotWvesiyUH28uUeRKfXWdmQiO7rtHLy0KrAhSZBVyA2GWbFoVvhYJk0lpwpf25mZqqDgUb4mlgvrMxai3PsiDgJtc7B3L9BX-C3W9Jr6kx-nofAPkQe8G0GETlyFjfgHw_n0pEb3jDHuJ_lUjl-KlMpGyG0t03M4Qwfgog4g-VCl6o_C4NjgoaOuFHZ7Lg7Am6LdnN4z_szh5g0yRUFr1DOHFQAGUJFr22p_tcjc1RaKVF1e5gZWDJ7Dy9RuD7jfqQYch1BQaN7tjcUV6b9VnkP3oIjz65MyVjcxGHDymuutbDPxbYmBy4ZSXUgaQ5wI_2ZUJM-MOgfV-TaiG5u9asjySaUnacjzdbfI8TG5WFx9fgfLBBr8xS33RRDQk_M34KpFTQHcAVKnzkvOhHxyUMijvvv_Py27YkqAbiB-VbKfzJVOu6jnW9wc80rMo-qMen1XvNwt_anhybMt1Rxf9Z_6pD8taGE0m1G_6asJDuAeOtISLwudHROC6hW5bTfeFn4uMPSxt-5Q_NjX0w-2LNw3XnBPs1A_F92gzSG-Rze9VpbqYxoOI-IpOUL4o4-xYC5xLvJ2F70h_LY9nwrI6vreWnMkEk_726WyJ_DwZpjL846KQfheIXUTPwKQjwmw46ZNgqPn5R2N_Nm0E4KEzQ30CdKY-BGKbo6tyIFEzPYoSN4RwAC1800hXtk-1ek-B-lVTuNk9WnHIowia-Yh_WzQOuuW3Zj6QJ-CM7mtZ_du26G6BaBOO1cWdbQ4ufK-pWOcptC4Depz9pFLvrev09Iri0UQxzo3x96l6gam-SdSrdtDg2usqqnrZUc-DErV0Owxhugov3z5QIFQO-H3zg3JgVHwCl1Jgm1CoVyOKHxlx7lqpYnkXx9r-zTb28bfJFATo7ZC34IWQqZH5RGT4vSwRGCRAMaZdKRJEBtTKvbBZGLCMVVi0q5yQ5ahxn7FrYAhEtyU3N9dCLWgo0DOHaRq7l-SrabbAu0c1XXYSkwLBvmnBi-GTKuDWzc5NQODyly0V7wEQWxrr0ZWgmojRZ3gG4jgD_I2pNKyOug0PNzfQq2Q6GxMAKwPJ2Jj-XD3Te4XwtMj4U&cid=CAASEuRoegOPgeAwAos4ih23nxJ-RA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

6faf65337043138cdad2ec7598a514521c268ff08fcde3bcf304ca242cb2a5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13823
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B1BA 0
0 35ms
35ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHUds0VxmYfuLIcL8gAfSmKLgB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCV4pCCoAegAaH1-ZkByAEFqQLdyfu9QV2zPqgDAaoE6AFP0LeO0lVUBbHSiAzrPMBahATIvkEE_fRi8hmtJ2oqsyx6k0HaZdqIlxPeAqxDPkZDwRwwIcFuaLnGQ2spLuIZC1Qw_C6vAxig9XtHjqHJzt0u4OZxuuCzbmO4ATwu9S-BpXSeXkaO5kZ3n-AxHz2MRmyIzOEMaPonosaKMnRIYBJ-gprs0YP_Hueml50Tlphhh5GxjkTabvtkZGVCz-x9gtOTnTBcPAREHYqqK3jDKH0Rp_yypAsPzqU3JOTf-zINvgnR5rsdWnJxolehxrU2NVnAfkuztGtKm0v2LbcSsLRYk_S5t5XKwASWiJiu0QPgBAOIBazYtLc1kgUGCAMQARgBkgUGCBsQAhgBkgULCCIQAxgDSL6LkwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB8eKhuYCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHChCZjBkYm_3YsgHSCAkIgOGAEBABGB2ACgPICwGwE5ubsgzIE4GLgN4D0BMA2BMKiBS5DNgUAdAVAYAXAbIXHgocCAASFHB1Yi0wNDI4NTE2MTY0MjI1MTcyGODPEQ&sigh=_6A5MohgM_g&cid=CAQSOwCNIrLM_h_V78MpIw2SVJrACwc6I54bO3T8hWt2bM7BeUDuSHjYWmWLwt3mGcLJb4QOrr-XQQ1xkmPv&vt=10
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0D9B 1 KB
749 B 23ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 08:58:57 GMT
expires: Wed, 13 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69249
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B1BA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b1e0cc343066e62b319fb4c56c28edc0da941b701ce4e6c8229c82cea40775

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 d7f1c17162b23a1997e2a6527b94d5e7.js Show response
s0.2mdn.net/10774078/1632247683405/ Frame 8184 65 KB
17 KB 26ms
25ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10774078/1632247683405/d7f1c17162b23a1997e2a6527b94d5e7.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

89fcc0375149a3f29180c96159cca98bffe1e6bbb2ba93727628c90ccaa91db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17207
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 09:00:29 GMT

GET
H2 200 embed.iframe.js Show response
static.vidy.com/0.38.5/ Frame 2A9C 23 KB
11 KB 16ms
16ms Script
application/javascript 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.iframe.js

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151636
age: 1932281
x-guploader-uploadid: ADPycdscVe-GmHSZ5yCKDOP4yy7whBGTSTGupTxY9hSFrdRchZ_gIk3MU5XJcFhN8TYKYtex7TvtL_awGidl9L5v3wI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"45a6ee3245fe51114660172b9c7f7876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=yhA8bg==, md5=RabuMkX+URFGYBcrnH94dg==
x-goog-generation: 1632151645266389
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 23957
cf-ray: 69d5bbc53e91faf6-DUS
expires: Tue, 20 Sep 2022 16:39:56 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 8655 114 KB
39 KB 21ms
21ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 11:05:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 8655 8 KB
3 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIaS5H5Rexohs75FMaDjVJaVSjgbXYk3f0jnpwTBxCVcP683yxFVSQZ3PRfE06is-ZIUhF_znxtfpaMPTqe7T7SwTze6PRipXuvNnrcLD-sMOmE08Ad_sJ65AQ5p6kW9C88g-ZwVqahSUryuddeSmsJ4i4HQ&dbm_d=AKAmf-DTq_vpoh-WqHQikA69vxq9qpUzg26Fr9EvtVOkGtC898CH_em1a70au5jc05j6k57znKb2MItvXxqX52EH68r2dVzhrH74Z9jS29Q0vUMt4mrI7sQjeW2OU6yR5LDRXB1NJppX4Zb9iYikTHSYNEEbkpFAYegQWc3qGbu3yFfy7vnxb4Kkr8Z2X58RuunuxIN_jABrJvKdEn5GxqoOIbjS-NiMeCJ4Zp6h6YFxpC5YPVvqCHIvfXZ4eGa7JFLc64xFZrLkkvEbZuWISdGTsOpdp0d2HfYLFvwkVmS6clXTSmJF62js2_TPH0SmI_1WcZ3BYrdcSVr0KsUBmCm0qop3IJffb-oDpNChuRYWHoe2n0JtGPn99bbiTGSPwt3-hfmEYGxYzqri1smIRX3C8v6Rc0J3kBJpGKxsdRTdP0EEIHg4bwAE6fxg4yuGzs7P8fienbVjPf3CK--NWYJMjqExa7zQiHN0If6-oZaONHmLFYq2y_ZEpoHXPzcwYFCuVRQj8rBEpmJLbOYBWcGwy9sOQEvnParXIq65tKhBpBKWxTNZNOmX22IiNEmkeTgPN82Spc2V5k_KdgfLYG4DBQt6GtEpMBqbri7Iph8MslkXRgut8CvyDT028Mwl212104tNP5-ns4j8NhzcQeFBRfswWeIE4yLZA0TXYxurVq1E5qDiGrtr_36h70QP7LH03doU7iScX2MAl62degCzKgOk921UICKO1ytKdx1u_9M1A5wc7MN8qLePVtpwNV1APZj6dSznTU3OckxABlYu5-_eG7l2G51o9tSJYJNXSjkRj81UN9okm-Eg5nthhS8EohGfaR3PkuJMlDKLjE4VtAFGioJZad3cv7OqePYWiKjyXtcymAyAE3JjFNHndCtufaJCUvb6jTOyUtANph26NneVYLrjbLZzOhRgNc45WOAu2r25kEvhkq7nFFNsxjcoMXWXfwuD3ZInybR08rGqpTpaT5nPlGQID4WsMjqi__Ic3DSMrD_V2MIcA1xzMVsZSb-GBq_0qaS0vc_pI0Ua6tEZcnpk7fQHWPvIvGV62PxZy8CZMjFlTljFPMDwSFkFT1tJZiVtdoE3v7AXDXZNqL1P9my2AKLlxmWWGtrFHhJuomOL8ynLljPJKRw_ovc-ru9UVu046AVgdefOh2dLlhatI0X_9PO0q2OmSzWn3U3SF1VA26AsjUTzwcYirxHTFonVIJ-4aRT0jiYzlMnR_sQYaM8u9oziLyhqa4ZWi-FOefwlqPE0Ag8QASDlkTZoZZfgVBdunK507-VdAgWOHi5HWU8h5BRC13VI7cBXdCI5O-w9LHcX__zz7sIm6wFfEoxfr3bMuP7ISue5bIpbPKSWO-6ZZrffiNzfaXSHYxnuIhvmmJ4c4A1hOXRlYvOGeaRPdRUfciGdaXmJy0hhHGTnZ-0IuZmvzINBGTWnutC4SrumelrL-nn8ySed9rqRorY423bg-aQityx3rRuL_Jj0dGEsDR2udmNBvtakjEjGhI_GLRfd1-ai35rYLY-CFzDszGtAyFNhpd4CZil8c3VGjzIbEgRfXeVFQ5jz59q4p9_dqbQCygZH-UZdY4R2PIaBmWf_ttxQ0RzN1Sfxu5k4EN38fzwqrsHU6BaXSerd2kV3LEppJ7d1AOXrYGct3FNqu8v84q-rB29uqGkLSvx6LgKvJIJ0TsFUFLgsTurfgr6bgDB8Gkdsl_3OV-MgDoW2-ESUirF897fVTssqI9TL78XTmb1AyAQ93L9a843ae2Rksxy3mJFEoAJuV7Kt_C6QpEuNjKCSnM9Y9ptAWEPMC3ZqY_0lNUC2ryZ1DKts1gViJPuozXl6DPHZe8hTdHemg4Eh9HJa6jy2OpljZflTtrFRw-CMO6cj1B6E5l9-Pz9QDxENUvPYWJ6wEn25KVpsj-DZ2ObFYj9F5bCfPd_yy32DtJHDy7go62DIipeCAKVRN9RhH1g0Ntpf_pzzYO5IXCx4k28MgUR4zmM8KCtO_dgykw52_CfZEriF9lDynFhTz6aWLbC5LU0rIIWXKU81vJQz-Zhdy1npDEiKmo1q_DrLLNDJ8pLMJT9iavYaVqBfGpm5XzA8eWYNrQpvB4ue7bbVzQ5BCH6vRgumkWIBfENJQGPfp9Q2PQos9aQQ4ApSyO9QPYneN-qWM0D7psrxIohp2NydyX6OWF1xgYCfUpxDq7K6eOovIqmStYqkzlUKT_ur2Z8QG_2-INVboOhpTOjNnpTXrjSpYBwV_uhohANDQcMZiauH0x6oKhQYKhBc0KqtAkPUL9MjXUrUMOp4QuVfmtozSOZ1anD5gzQOnMa5Bhpc8HpA0gXbG1X5dTPx5XA7KZO4FOJbWqjq6N0A1qz7QUU6w5rGBzKdem4qyPQVKqTGhGJ02OxeMpeBqN2pQQ5X_CNwfcAWt8XTApCdVpuUZErlnp5LoySn9m2hEL-JtF1BmzJY0AJDSvdf5ZMRM1qO8eC8YWVvIG7qc_NgPWNEIW9U00D1TLtQltt8VU8yrKTdJc-yDPQDe-M-HL4BdmdofiS8_lrhzDtM_ECWe62635EyD2G0bPlEQ0w73MTnBdQbRL8_UIkOnhOEexJ5cCP5FR0arhTujnueYYywKszMjBOGjlgsxE6vUeTpX_C8QbyjclUEvRvYZOwAGKeoIw3IAc7grCtKNOv4vj9Fp27a5eMuNgLNMOvrRK4O6ezpnXl49mg09CukCfBsVfXrHWHozNUANza2Ysu-wI7n0Pb5rI9oKKhR8TRBP2zh6tFL2ad4x2-Uw5Vo9Tf8LoXLYtYxiUEc6Fzf_tcOuYGOhIH61iCp5XQKUEq0ywx__e-RHIQdpXMvHk8YPWrm1HgyEE914tGE3GoOEi68gF-QaOPEH0iNz_CnB0C0DKGOQ7Gh5sFTXltmU_VaStQH1_rv4_wKgQELvf2_29UnyQcwZc0GwvxPvhk2IpGBgnPusyTUQzqr6suaCAJAe21_HKgfj3Y&cid=CAASEuRobqJYYV374uGx1jT2VphUSA&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:05:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 8655 23 KB
9 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 04:04:06 GMT

POST
H3 204 AGSKWxWtzpS5l2vEbrhUMB8CLWhhTxJawAwGG7lKI2oD_Q2thwEVoKdLnLdi9x2hnaIzgwUVcpGJwEgmTwJhGmLUdyvbacWCVrGbc1A5LJ9GiQ6qspd7p58ZnMg5Uppir_SIj_Xz0ZwFZ66vhBJNiHYGpWla-hv-nWuy_A19LwOxr0yCW2vYi8Ua-0Vf6SA5 Show response
fundingchoicesmessages.google.com/el/ 0
27 B 37ms
37ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtzpS5l2vEbrhUMB8CLWhhTxJawAwGG7lKI2oD_Q2thwEVoKdLnLdi9x2hnaIzgwUVcpGJwEgmTwJhGmLUdyvbacWCVrGbc1A5LJ9GiQ6qspd7p58ZnMg5Uppir_SIj_Xz0ZwFZ66vhBJNiHYGpWla-hv-nWuy_A19LwOxr0yCW2vYi8Ua-0Vf6SA5

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ELpJV9CKSZ0.es5.O/d=1/rs=AJlcJMzNFD4s4UzGmJC6Waq6ulkbf2IwpA/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-61pDcURm5ssmsL0Wq4AO0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-61pDcURm5ssmsL0Wq4AO0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-61pDcURm5ssmsL0Wq4AO0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-61pDcURm5ssmsL0Wq4AO0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OCfwOugcCDBUg62NSJKaWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OCfwOugcCDBUg62NSJKaWQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-OCfwOugcCDBUg62NSJKaWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OCfwOugcCDBUg62NSJKaWQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2dtS0xhVuQO7HlHUwlk5lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2dtS0xhVuQO7HlHUwlk5lQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2dtS0xhVuQO7HlHUwlk5lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2dtS0xhVuQO7HlHUwlk5lQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B1BA 41 KB
15 KB 27ms
26ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 00:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 09 Oct 2022 00:47:51 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B1BA
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,ita...
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

91ms
18ms

Fetch
video/mp4

172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60C08DCE9FAF8E212EACDF6758C7189F97729619.7A95F7FA220FB4AD8364B68D2000E7B5356364C0/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634098356/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:07 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
Last-Modified: Fri, 20 Aug 2021 15:16:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 13 Oct 2021 04:13:07 GMT

Redirect headers

Date: Wed, 13 Oct 2021 04:13:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Location: https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60C08DCE9FAF8E212EACDF6758C7189F97729619.7A95F7FA220FB4AD8364B68D2000E7B5356364C0/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634098356/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4
Vary: Origin
Content-Type: text/html
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Connection: close
Timing-Allow-Origin: null
Content-Length: 0
Expires: Wed, 13 Oct 2021 04:13:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6910
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxkqtz91c4Ks5gGXTQgKpVMqDzP41ApX2Wp-egamNnnhUurA_6WxsQhjCywuY-t1RcjhKaljAQyQKaeeGdLxFuEaUN-Z6W

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxkqtz91c4Ks5gGXTQgKpVMqDzP41ApX2Wp-egamNnnhUurA_6WxsQhjCywuY-t1RcjhKaljAQyQKaeeGdLxFuEaUN-Z6W
date: Wed, 13 Oct 2021 04:13:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6910
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLV1gtSS1EVFpZ&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1bWY6Blw_JO2yrQM_8Pj7kVtg

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLV1gtSS1EVFpZ&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1bWY6Blw_JO2yrQM_8Pj7kVtg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLV1gtSS1EVFpZ&google_push=AYg5qPLIPYoPalKeU9SaLCqnBbS--GCCulBzSeZCJuBHq4EPzlq0HDeERn0hIJv3d-Uhfcy3iT1bWY6Blw_JO2yrQM_8Pj7kVtg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6910 0
12 B 31ms
31ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOnd1EwKoTWU_WvyZcfK8JpchpONX41CWH3IQ

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1

43 B
172 B

31ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
via: 1.1 google
server: OXGW/16.217.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMclIMMsvpE36OMOcPfBE3w&google_cver=1
date: Wed, 13 Oct 2021 04:13:06 GMT
via: 1.1 google
server: OXGW/16.217.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E4E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM0Y2Q3YmQtYWM1Ni0yZTBjLWNmMGQtNGM3NGIyZDY5NzJi

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM0Y2Q3YmQtYWM1Ni0yZTBjLWNmMGQtNGM3NGIyZDY5NzJi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Oct 2021 04:13:06 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM0Y2Q3YmQtYWM1Ni0yZTBjLWNmMGQtNGM3NGIyZDY5NzJi
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 3E4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIUXTImHm5cuHnIYk569DlA&google_cver=1

23 B
172 B

30ms
30ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIUXTImHm5cuHnIYk569DlA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 13 Oct 2021 04:13:06 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIUXTImHm5cuHnIYk569DlA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3E4E 23 B
172 B 74ms
30ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COau458CELe6odkCGKvK8LYBMAE&v=APEucNVZLI0HSR7ni5sRyJdTC9_GVcSV2pwPs0JAGISIn8pTYY0Ranhyvc3ieF57HYWd6xIXHY8HBwZ_6tpRiBiAZR-Hu1Ls4n2RCBBq4IW4VnJ4Wi21eUEMbtv5pPxBdIPVWEb6nxJkD2sYIgHhvI1IDiSJUSPyoEMfYmUO941LKyHf_Ww0vhc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 13 Oct 2021 04:13:06 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E23 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 21:42:15 GMT

GET
H3 200 164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response
pagead2.googlesyndication.com/bg/ Frame A6BD 35 KB
13 KB 25ms
24ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 21:42:15 GMT

GET
H3 200 a7820ef39aa45edd1b64f711b41a5420.png
s0.2mdn.net/10774078/1632247683405/media/ Frame 8184 76 KB
76 KB 23ms
22ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/1632247683405/media/a7820ef39aa45edd1b64f711b41a5420.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

17ab9bff1a5d30e0baf0663d3f7da2691d0c23ab112d89df0f154db902398d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:00:30 GMT
x-content-type-options: nosniff
age: 69156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77360
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 09:00:30 GMT

GET
H3 200 020c18acbfb89981b85c8d7af8a26899.svg
s0.2mdn.net/10774078/1632247683405/media/ Frame 8184 3 KB
856 B 22ms
21ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/1632247683405/media/020c18acbfb89981b85c8d7af8a26899.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

78ade184ea09ec2b6fa1fbbe503999ad6d796c3257167f63fbf5975b2317284e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 09:00:30 GMT

GET
H3 200 3a526622fd1c6f7bff56b30e79d6ff4e.svg
s0.2mdn.net/10774078/1632247683405/media/ Frame 8184 6 KB
2 KB 32ms
31ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/1632247683405/media/3a526622fd1c6f7bff56b30e79d6ff4e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

a290f687ba5e560502b237787b8f76f3abaee5780a3818f10ca594fd943b788b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 10:01:01 GMT

GET
H3 200 9a752d5924f995e62b961842c072823b.svg
s0.2mdn.net/10774078/1632247683405/media/ Frame 8184 858 B
487 B 33ms
32ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/1632247683405/media/9a752d5924f995e62b961842c072823b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d150f405e6e8d15f193151a7a1ccaec84e2c3eea4a941044e60890b23016f8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 461
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 09:00:30 GMT

GET
H3 200 3986f8998b9de996c13efdbf72a05970.svg
s0.2mdn.net/10774078/1632247683405/media/ Frame 8184 7 KB
3 KB 31ms
30ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/1632247683405/media/3986f8998b9de996c13efdbf72a05970.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247683405/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

0007d23baa268a1cd61074407a65f5d2850f4f78a77d0cf141a0c0fdf8fc403f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10774078/1632247683405/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 09:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3072
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 18:08:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 09:00:30 GMT

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 217ms
216ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3717&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=b716eb8a68

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: revive10
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 218ms
217ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3718&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=3ee3de888e

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: revive10
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 217ms
216ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1514&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=e47ca65758

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: revive10
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
334 B 216ms
215ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2679&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=d4ce6c4928

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive10 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
server: revive10
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

POST
H2 201 events
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 0
0 1484ms
1482ms Ping
application/json 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/events?uid=5lgmmyidd.5cgp4iuoq
Requested by: Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H3 200 index.html Show response
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/ Frame 7F0B 6 KB
2 KB 21ms
20ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d21973eb9276afbec962eb9872ec360d1e4e09453a12c1e380d3a745b5b898c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1818
date: Tue, 12 Oct 2021 12:51:02 GMT
expires: Wed, 13 Oct 2021 12:51:02 GMT
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 55324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8655 0
24 B 40ms
39ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstga7AH9NV_1CX1nv6cV3wmEk2zW7C3npo1fE8QI9y174D3Q11KIvlMkC4tybZnNFPg7dsRkgkypP9BySiUiJBQNAiQ839_RL9W3JaNH9o0P7UzNVCf9XOEW3gbF3DNkf6CGljNlcvJYCDqy4-ke20I3z_D2cok97RK7N6I63ok2RxK-XfxqmMNoN1HOUxchZc38OzwnWa2lG9270YfW2Io7XYj2Sz5tgXxeEYd25txakp-UJ73t5hND461UOCFGESKO9bpIOflZHuT1dvAgJx52twBvRTfiwmAfjg0hfT8kYYjSlhggKzW5KSISe6d-PbYUfalm_2HNllRTULd9eMcOl9BO54drBx9md_ZvewYpAChw5XKBCS62hzNnJW3UPol-EbhzqgySpqwFyuv6ZtY1zJnDv3uQP60MiwAG40HdzxBmfdO_X9U4bVr1-GJHBaWz4-Wnpz7jLofjSeCifK-nWAdhiOv0ThYNnJUF2XZc6vcg6YOPt1jkbHOCM1Af71q_jaidnBpdYGzDE-mJax73v37zHjLTcbQ7XJUXUytG5avvqOMT4REW2D4-qgjXhEsHJWSqGL_vxyQaI4zRm1FE0ERJUg3vNQfKiSXhGJzRVqHBEtsJLdgTfCbUXsIPmeY9eTkJMpPjSjzGVwPy9MVTxrS_ZXXJYosqNglohygjXI49GZvZkuWA0aIjUdIV9iPpmIB9UwJJYJtcFMuYcQ_3S_ms6pf6eJxJx5UH0AXci_trul9I5D__-PA64EM_eswN9Niy090duu8HhQFmpOBVaLP6P3hJgbcohtiy4Pvx8dkH3CQmDcC9nHFxOBFP1x8tVxR6ys3MGiMX-u6LF_fvRorhJ2rx1166Ua-mPsLZQu1EOgAAdJrpe3rMzlhdXzPM04fQWivn4FAV5a8-s8hpdxGIrOk2XhvjGk0nzink689bqLG5kJ9XPFLzfkfMW1oS_wNJcvFUejvlSFaC_rioIhNl__x4xoTSArOo1Qc-uts6lwzCoMY7flLT4uSawEALc038oG70FOhKDy6gblFKcCY0ag-tEgEv5IAouDe0QSDtm6MLWhCdQUEMLtU_4jU3EMXc3VaJDo4m6-528GoE2Xzo8pmCJuCEC4ixd_SgLF3bQ57m8Pr-BaOp9Hb-uvkwvvLBXzljMwtCE9escGC1ClsJfVxM8nlRq76Gor8-3tIbzpKpB3w4c5zFNbr0A&sai=AMfl-YSgFxcPFJYaT0saMjAOxpFuHQlFDkLacPX7uY7jdwAlPNrdxTdrogp5LP3fMPlh84hUA4XibuYbNedHmETcuJrgXVMgLvnJSvBdij7N3NuuOfl2wdQVKTbwqE_I0VVnYmur5EK49W-IAU3xEKFiLTLdSkIOaA&sig=Cg0ArKJSzNlFXE786HCfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=131&cbvp=1&cstd=129&cisv=r20211011.39072&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 13 Oct 2021 04:13:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0B5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEClRFEHYs-Tb-dJuQLU1fEg&google_cver=1&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QJRhZlzQRACa7tx-CNd0dg&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWcBY_nPf_8...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QJRhZlzQRACa7tx-CNd0dg&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWcBY_nPf_8rIui

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 13 Oct 2021 04:13:06 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QJRhZlzQRACa7tx-CNd0dg&google_push=AYg5qPI3Gd0H8jG0pPGba8sLfxNBfOA-alF3KDSg6dohrKQNRGQaAdHL9c9om7C_QJyCOWfZw5XFASYYoblqBwWcBY_nPf_8rIui
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Oct 2021 04:13:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0B5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEVrbz3nZ2oTPLiixLr5wi8&google_push=AYg5qPLCIEjdG4XeoSSGWt17nCYmV3thY22HKRr60CoOfk4au23krTBn31...

170 B
188 B

36ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEVrbz3nZ2oTPLiixLr5wi8&google_push=AYg5qPLCIEjdG4XeoSSGWt17nCYmV3thY22HKRr60CoOfk4au23krTBn318BS8vz75rvUaX0gG08-e7NyhW4B5Ch6t9LP5EGJDwj

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1634098387.915429,VS0,VE94
x-served-by: cache-hhn4046-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEVrbz3nZ2oTPLiixLr5wi8&google_push=AYg5qPLCIEjdG4XeoSSGWt17nCYmV3thY22HKRr60CoOfk4au23krTBn318BS8vz75rvUaX0gG08-e7NyhW4B5Ch6t9LP5EGJDwj
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F0B5 70 B
264 B 33ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELqjbn1YtQZ_rK-q_Le-6P0&google_cver=1&google_push=AYg5qPJgPJ0ZvWUMBJL1xkKUrbbreupPUcJN_hXBUzK-x7szWrGe83jIwnJXbyKiat3QuAGQsAljMsSjfaH4A8azwxFheRg_qM6Naw
Requested by: Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0B5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAHWFYM8jQ_56rgiXx3G620&google_cver=1&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjqvvA1Zlw&google_hm=MTM4ODk0MTYzODYxMjYw...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjqvvA1Zlw&google_hm=MTM4ODk0MTYzODYxMjYwNjAxNg%3D%3D

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Oct 2021 04:13:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJiaVl9n-53Lbpoe6Z_SsVY3t6I7VGiCvyHJUS415mmcRU9ib3TxqPKXy4TTbReaRPgVprNXOBaNfxXEGlstacVRjqvvA1Zlw&google_hm=MTM4ODk0MTYzODYxMjYwNjAxNg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame F0B5 43 B
65 B 30ms
29ms Image
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBAzkLuCx3Y7wxC1nIurwpw&google_cver=1&google_push=AYg5qPLIOCdjeoPC7wiHKErpgZAiw90t5044xw8mTLJOffD8X3kU5rVmA_0-hnspkr-hl4BAtSOw3O2sm0vP0fVCYxhvTc7Hjvwd9g

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Oct 2021 04:13:06 GMT

GET

pixel
cm.g.doubleclick.net/ Frame F0B5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOKCXrkAsfeKpUGtEWIiwqQ&google_cver=1&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2X...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOKCXrkAsfeKpUGtEWIiwqQ&google_cver=1&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNp...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmN...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0B5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELfb33iyDdWP0UyrbWduJs8&google_cver=1&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ55ukZI0Yi8XR2kpAnc...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IcU15dnUxRTJ1Rkt0anBZUlg3bmFBMDY1aVVPVXFSZn5B&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ5...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IcU15dnUxRTJ1Rkt0anBZUlg3bmFBMDY1aVVPVXFSZn5B&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ55ukZI0Yi8XR2kpAncxICk_KuH0EXIvjHrg9gnmwOLW-l_o

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 13 Oct 2021 04:13:06 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IcU15dnUxRTJ1Rkt0anBZUlg3bmFBMDY1aVVPVXFSZn5B&google_push=AYg5qPKSONdWkqvcjrW0M5Ro5CTOVrhpp2WPSyOv0Yuu34YoBZI1YHlJ55ukZI0Yi8XR2kpAncxICk_KuH0EXIvjHrg9gnmwOLW-l_o
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F0B5 0
12 B 31ms
31ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqYCGwVKw1KH8ByVFpHE3dXFVF-5YyifOgQUY3xN6OzRMoz3L2R5ncWa9HMom-q2idmeyQ_g

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 texthash Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 39 B
108 B 37ms
37ms XHR
application/json 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/texthash

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e6386b722435ce99065f6ab409ebe9b4a61c708a602d8000bb62d990122508

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69d5bbc62a432181-DUS
content-length: 39

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C42F 23 KB
9 KB 26ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Tue, 12 Oct 2021 07:40:06 GMT
expires: Wed, 12 Oct 2022 07:40:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 73980
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIyFbw382Kd3vzPyY2R3e0ewjCp83qb-DZyRf5zdvDxIFDxqmquQQcpFt1A7bOEUCGRVKc3ME8gb7STDDz8eiSKq8RCUhKW

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIyFbw382Kd3vzPyY2R3e0ewjCp83qb-DZyRf5zdvDxIFDxqmquQQcpFt1A7bOEUCGRVKc3ME8gb7STDDz8eiSKq8RCUhKW
date: Wed, 13 Oct 2021 04:13:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLWjQtRy03SkUz&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk7jYsRJpCsZDtuujnbVDY1oU8

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLWjQtRy03SkUz&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk7jYsRJpCsZDtuujnbVDY1oU8

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpLWjQtRy03SkUz&google_push=AYg5qPLxT_kJbnIMY7FS4ofU_GBU-TNXAvH9L7IfF0IfOntrURNPjoR7M7G7q4gGJL2VYS5pDPk7jYsRJpCsZDtuujnbVDY1oU8
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0D9B 0
12 B 32ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KP2t0V-IbJZN3dbagzRAYGLQfwMADuKrATGWA

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8655 41 KB
15 KB 27ms
26ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 11 Oct 2022 10:04:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A46D 1 KB
749 B 24ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 08:58:57 GMT
expires: Wed, 13 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69249
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8655 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f3d788e10f68f663190de84a56059ad2e5633c1762ef05754d6331082108cc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ Frame 0
0 44ms
43ms Preflight 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=5lgmmyidd.5cgp4iuoq

Protocol

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://www.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 600
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69d5bbc6fb252181-DUS

PUT
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 2 B
80 B 289ms
288ms XHR
text/plain 104.16.92.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=5lgmmyidd.5cgp4iuoq

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.18 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 69d5bbc74b582181-DUS
content-length: 2

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2AB6 0
23 B 34ms
34ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 styles.css
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/styles/ Frame 7F0B 3 KB
1 KB 22ms
21ms Stylesheet
text/css 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/styles/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

f592cb3a2c480c032437c529c8e93e3eb79aa0a5b083d6103cf98b614516326e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/ Frame 7F0B 27 KB
9 KB 39ms
15ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/TweenLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1270349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8823
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-6bb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HxuJKN2XfV3KsPeahAadofFbIxtANICOj709Ow4D2AwF5TjWU0%2BB8S8NwvHm%2BXvfQk3ZjexDpyc1qR15DrexkCkyDqAcSh7WNGpMCrl63JR%2F%2BZX8velg4s4kJ6WAY8j2XGNeu9e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69d5bbc7ba2e2175-DUS
expires: Mon, 03 Oct 2022 04:13:07 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/ Frame 7F0B 5 KB
2 KB 40ms
16ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/easing/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1160865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1807
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-155b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sthw7yO%2FQecxxdRibKFvFNozuwOip%2FmjCpOZ2mgvHk8yT%2FuR6kxmxDBhTQiIcydJyLz8xE6ECTRpD%2FKH%2BWr6O%2B4VY5AMxz%2FyrGBzXwLHEZPBn0IosbrChuVR8na5A6JdLfcufS9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69d5bbc7ba2f2175-DUS
expires: Mon, 03 Oct 2022 04:13:07 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/ Frame 7F0B 40 KB
15 KB 37ms
14ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/plugins/CSSPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 469986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14328
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-a170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlL5WMFcm4zzzYMg09MTAwNt45UKhtQuDxNconTSnluZyoYzFAvM9cytROMtKY993zLgO%2BTTM7MnnAk8jRx0%2Farp4VSeV66%2BZYc9aN2%2BMeiwkhq9yrVDEpN%2Bhs39n26fHUcSEy4P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69d5bbc7ba302175-DUS
expires: Mon, 03 Oct 2022 04:13:07 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/js/ Frame 7F0B 6 KB
1 KB 22ms
22ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

41499266d7752a476dcf1e01c501630c3b7054dab537942a92b37e245927e20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 img_frame01.jpg
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 93 KB
93 KB 27ms
26ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/img_frame01.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

bae77c8690b9eb404e409f088d50e582bf720b3b6377acbec0cf52e4755ba5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95313
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 img_frame02.jpg
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 84 KB
84 KB 22ms
22ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/img_frame02.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

c5ba2d2ffe4b1f88b6f38fd482338ed6b493e6fd1b789c9ce932ed9aee33efab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86356
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 img_frame03.jpg
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 78 KB
78 KB 33ms
32ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/img_frame03.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

58d99ef34d9876dae1ab426dfd8e7ce3dbfa334e1ce566172a4b61fd9c721e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79421
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 img_frame04.jpg
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 83 KB
83 KB 37ms
36ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/img_frame04.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

a54a35c4ab3d184f01f1c38dc7aaf01255993f1e56195cb2586f3bf3aa636e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84808
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 noImage.png
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 95 B
119 B 35ms
34ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/noImage.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 Logo-Philips.png
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 7 KB
7 KB 36ms
35ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/Logo-Philips.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

0a6f956c63c806bdd6c63ebb0ae00714364485c7cbaa78e493f81f3d15e3011e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7494
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 review.png
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/ Frame 7F0B 5 KB
5 KB 38ms
38ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/images/review.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

c3e0ae16c974f739f985451943bbb1e78c5df09799377ca8298dfbfc0c125697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:02 GMT
x-content-type-options: nosniff
age: 55325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5332
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:02 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FFEB 22 KB
8 KB 26ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 11 Oct 2021 10:04:54 GMT
expires: Tue, 11 Oct 2022 10:04:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A46D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6T6PJcr6qoeJP1Vi_xL9ETH_1Fvh8K_aGjTnMQ4Mhi2KJsQoJKCgQKpJPTcKjnSVRBVMKaeyf4HlvAN8kTeUlKyDpJ9Vs

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G-v2ElADRySdoVvEBW4itw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6T6PJcr6qoeJP1Vi_xL9ETH_1Fvh8K_aGjTnMQ4Mhi2KJsQoJKCgQKpJPTcKjnSVRBVMKaeyf4HlvAN8kTeUlKyDpJ9Vs
date: Wed, 13 Oct 2021 04:13:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A46D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJtKsn14unUZDfy1LUlfQac&google_cver=1&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpMNlYtMVItSUFBVg==&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F7JuL2qLN_CrtbxbkNrpuiUy6-

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpMNlYtMVItSUFBVg==&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F7JuL2qLN_CrtbxbkNrpuiUy6-

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VPWlpMNlYtMVItSUFBVg==&google_push=AYg5qPKNQpYOw0wVop_ac0wgrcOeUaCf0_ZTW6Xs57HC0xZGHsHQ9N-gfPDnIH2Ihzk8KkgJa-F7JuL2qLN_CrtbxbkNrpuiUy6-
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A46D 0
12 B 32ms
31ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2OFSl4-pFkWvAn0xarwFEDKErsJ33N0YnWbI

Requested by

Host: 6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
URL: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response
pagead2.googlesyndication.com/bg/ Frame C42F 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 21:42:15 GMT

GET
H3 200 centralesansbook-webfont_woff.woff
s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/fonts/ Frame 7F0B 20 KB
20 KB 23ms
22ms Font
font/woff 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/fonts/centralesansbook-webfont_woff.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

f22eedafe130c14c32e71a6227ffaef8b7e02fe2b46c0176b3e474a1b859f6ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10772947/1633593612059/DE_ESP_2021H2_Phoenix_Explore_V2_728x90/styles/styles.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 12:51:03 GMT
x-content-type-options: nosniff
age: 55324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20604
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:00:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 12:51:03 GMT

GET
H3 206 file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665634386/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B1BA 869 KB
869 KB 30ms
14ms Media
video/mp4 172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-890171/890172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
expires: Wed, 13 Oct 2021 04:13:07 GMT
last-modified: Fri, 20 Aug 2021 15:16:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response
pagead2.googlesyndication.com/bg/ Frame FFEB 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 21:42:15 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8655 0
23 B 34ms
34ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5BE 42 B
64 B 69ms
39ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH0qwskvylrh1NJL1K0Me7E-BMjv9khq6VbBYQADC4oLeSU_4ycZhMecjk18ByLd4DJ-5aFc_m8Z_25181ay3LZY6vZWz827MmP8SnPSe4lVZBTgtedw&sai=AMfl-YRM_DAJ3slpAhiUG7JtfgKd7wip8qAzAITskl-4wa7lSaqD15a5-4Ea5oyDeFbIycvA1OebfMGKfnUAeltaDd3Tk_DqlQCNmLaRogDEbUyFnYJGL_lXOzd18Ok&sig=Cg0ArKJSzKA204Qd9bD4EAE&cid=CAASEuRoeezHmrYuOyG-qyZ7BI321w&id=lidar2&mcvt=1069&p=0,0,254,970&asp=268,315,522,1285&mtos=0,1069,1069,1069,1069&tos=0,1069,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3438090239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634098385607&rpt=650&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 52ms
36ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2f7e54553e7624254502dd0f08a440d8b98abe4679d08222624a631da44ef968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0

POST
H2 200 rum Show response
www.haibunda.com/cdn-cgi/ 0
231 B 29ms
28ms XHR
text/plain 104.18.1.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634098384.1.0.1634098384.60; __asc=874efa0717c77da90b745fb6237; __auc=874efa0717c77da90b745fb6237; _ga=GA1.2.1770791578.1634098385; _gid=GA1.2.1303965659.1634098385; _gat_UA-891770-244=1; _fbp=fb.1.1634098385260.2098472105; __gads=ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w; __dtmids=undefined; dtklucx=gen_59574087-03a6-0801-809c-a686cf3cc198; FCNEC=[["AKsRol-YhxnANulIVuAHU5icdc6f7aN9A08y-TVQy-isny-Sw5rXyI8J7yNKyvsbUmmpbkk3CzLkpuDeFvCijXIiCGYBK_kzfxIkBNAuQm7NWD1lbEc-KeCJ8nZF3HmbC75UVpqCsRJHEA3HG22spKHxKrHKGXMM5w=="]]; FCCDCF=[["AKsRol-YhxnANulIVuAHU5icdc6f7aN9A08y-TVQy-isny-Sw5rXyI8J7yNKyvsbUmmpbkk3CzLkpuDeFvCijXIiCGYBK_kzfxIkBNAuQm7NWD1lbEc-KeCJ8nZF3HmbC75UVpqCsRJHEA3HG22spKHxKrHKGXMM5w=="],null,["[[],[],[],[],null,null,true]",1634098386790]]
content-length: 58118
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 69d5bbca496021bd-DUS
vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 04:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 13 Oct 2021 04:13:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6BD 0
20 B 46ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlaGy0VxmYfqcKurH7_UPvtiZqAkAAAAAOAHgBAI&bg=!q6ilqOzNAAbGFvHlxhY7ACkAdvg8WozdzJ3GhEcrSGM6mXI59oiklh6qDGM1pHar6dSsUs9s1NR9BwIAAAH5UgAAAEloAQeZAyeQFmzqeKd6jXivP_0wi_WIQkT-IZ8jYLVNmxnN8zekW7KMwWnkQfDf8Qo4DTqToinn-qM62Z1_Fjafqy_qlUnF0KTeuRpjE7w_oQa2GONV4GkZKMywbVJwd6KYDlabbLnkCwq_4kafqvZO73w3CyCTZ7ip8w-oXoaDfRv8EqeOOB2J8T1zsGK26LeVQAWOUrV5ceBldSVaWZkbfYigW67hUjBBDT4Zaty_8-HlTXhxj-ow1S7RNlwHhZvrKK8v0T1vXQTMAs2t8H_4FkfxHS2UGnRqAcRjPY5HjJggDI7WNRF3Ej7AN33bpkrnrZ6M-dcrGo5IVhwfplAlyb-6YRLmUv4nxCY2dfD7mVhRBwPNesVUnfyonvnYXxrRlIemy1bO-G6MgWf_8rTAU_qONQY6Aujgy6QoL3ADWDlzUB6P9hk6i85UNKqkhwZMkDTFc9RUFHVCKMju-un7Po0G3QqGcsVjb02JIGbOKH0OqCmb2k2kLI-7IbV5UV_rdYennROddbYvDFZgrI6TmncAEc1XYOslDZJ8H6UQ96BSawyQ5vZVG7AT7eqsecWhCfdef9YCl1r-lr4Eek_Rv5Axltq0tFAeGJNK0pCipFqzDrkSAYAYaSThIWp2T3xkeToje80Fi-vlBPf5T6YUaWuprc3HsfuaHSM_0RrYzO_KgRXDNqAk38AaC8xJ0nMNYLE4vSpErHEN5Loko1RMox4qECsKPaTxgT1lNJsS4Kdt06hf7rAzlI5-XOrUGufkH1FviT8r0sifrBvkMBxg3mCZVY3be1k8AiY-j9lkBk2n6fdLbpU611RpQn-5njpsIU3Oa-V8-urxcOjkivhqPA0MjwW2w1ExVHmrsY8EjLDwQJ_z2JPLCuZ7PMiBYh3BCLm382JJHyqNZXuZo7dinnd_Umz376ACgZlu-9IwP0bHPA1Adu7xKMQDng9atQxoID87lSkm6iRpe0f8tj_YxvDwG1hYZ9AJTSjtWuR0RmQC4FMVRKhaHwBJOLDyzllt8iN_6Vr1QQA4fByp3uP7DmTIEMX2BeAeQ3IcJHcJssyHLL4OuwdcBNUaI00

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E23 0
20 B 47ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byv1M0VxmYabKKqOR7_UP5ai-oAoAAAAAOAHgBAI&bg=!n5ylnNjNAAbGFvHlxhY7ACkAdvg8Wptb3cr4IxZlfRXW_eux3mDHwwfjvFhGXqpUZkxWqItX7k9iFwIAAAI9UgAAAEVoAQeZAvjLE9CmOFzG29sb3ioM3PxECVAw7rYcIEj0KeXxpGhZSsIyfok4nC429_-23U3ymmDSbS5RztZOz3bJ5t1fgvE-cWapF9B7guyIJkys5hLweLSOV7CFxkfnAAY21cVtgrOTFKONQQspS1iwq5zfv-Mi4Q1pDzWpcqGv_NdfeX3K9icf6AWx8RmeigMgwA1rbPhQhT5X22R7y-K99mk_9TxEH8qBieT8PfH8Hn8YzYMdQhR-jTwzpUUZnHWpy_IL1Qxrlcb9hmTQr88NFLlqvfxZarkeZ44d5eZAOp9vH0nNWNKRylLI5sOKWKjyYBR7mSvfMU_FjHpl7uguw0CKmD34qnYu8n-iO5NUlbfQyhiBbX_MJn8CmJhPgDKN9RYXKzNWn0wzRTlrfe8jMtbSE3i7KYj-gXsHYj4NDjkTl-FNWBcT0h1aRD-3Wtge93KXtecTrwo6_Tk8ZobMxNk7q0xE41dttYMAikLgpApwK0IqdbmZ0JWcSbfJFAgRjxBJHsWu2tD6ccJdaj0sJoTYfe1Y4XKfevvTDuHKMu89iHfiCQjSpDvZBxNRma_PjRylbytNV9M1q_liqBPmJUtZyLUScixGYGOpZ3ZSOQxQNkVkeXlicPvRlv5Xc-l7sbkL0MTf-bT-1J0vYCr9n0ypoIbzZkuzVs2jPw-JioKYo879EC0EAw4P4rphUBkCY1qdwfjzc5kX4KwiHKwQjvhbNJHtY2Kkk9XGzpnwJeYMng02LzxULi2WRj1bn4n_-Cf-Qezv9r7F-3vZk1HwSiB5q54ZknH3-HAxtkxJL3ht49rKc5H7XbWProecr_WgYzuYkOa1BHwlE1olzFEAut9CLhgGXjCGy-fVwvJpmgXuEDQywvorMWEK4e-sZpxLy_nbugiWwBCxQqeYO0J0G9VBoT-ju0AJc506qxPJnnuO6fLzRqFvqm6-FKdUZW3S7KtuWws3hnDFzolFo6YHd5J1CJJIZax2PjJFeTq2eQx_h9QkUvEWtYVGqpHQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 74C8 12 KB
5 KB 26ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 12 Oct 2021 16:52:01 GMT
expires: Wed, 12 Oct 2022 16:52:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2988 783 B
534 B 30ms
30ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

1758b668487aa4156e21e84c6d6f8075fb98b37e4cdea7af0753d928e63e7bb1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EvYCc9rzEEoHudf4bwTJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 13 Oct 2021 04:13:07 GMT
date: Wed, 13 Oct 2021 04:13:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EvYCc9rzEEoHudf4bwTJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2AB6 7 KB
3 KB 45ms
7ms Script
text/javascript 13.32.121.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=digitas01cont2&js=pmw1&base=te-clr1-f1b768d6-cbd2-49c9-a5f9-5b590db5eb32
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-29.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 10ead0b76ee35f15cacafa915ddcae36215f6d5f12a902f154d9dc85e8af817f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 09:03:55 GMT
content-encoding: gzip
server: nginx
age: 68952
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
content-length: 2467
x-amz-cf-id: cjh712VDboZIi_RGA1Dub2O5f_QWbxDCGAh3BjjbNi-rlJ0zWWeyXw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2AB6 38 KB
11 KB 45ms
8ms Script
text/javascript 13.32.121.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=digitas01cont2&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-29.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 09:09:17 GMT
content-encoding: gzip
server: nginx
age: 68630
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Q9qfYQsCXIS-MjPL-7h-t3zqXpK_b4ih86QVf_CwCel0hQhwifPneg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 2AB6 43 B
382 B 144ms
107ms Image
image/gif 13.32.121.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=a95b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-29.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: zof4efiDs4gjY9gzsh_ya6WYPAPmSaraRHAkASujK5X_ZX2mcc0iBA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2988 0
0 60ms
59ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=1117915544795561&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response
pagead2.googlesyndication.com/bg/ Frame 74C8 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 21:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C42F 0
20 B 46ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BtJ9n0lxmYa7qKrbgnsEP0vOS6A4AAAAAOAHgBAI&bg=!HxylHFjNAAbGFvHlxhY7ACkAdvg8WobHCkhy3NhNrYGcidL64mZjhISurzV78VT1-TtybjQLoMRXtQIAAAH2UgAAABpoAQeZAvdjiagqmMoHiReWo_tlomGqKx3M_YwKrIr-5YO5Xgt0g1UX_FDHjlVYSG4cKrnCCdGUwLH6WMHM6TjQzYM45r9DePXVZzzmZQSXSOHawd49nvPUo2nprfKNgF4qyiwNnLhsoHw68agPmgWQDT9R7hLQXjbmaVuwrE5KXxYAHb4-MMqDaf9-FYynuAWL7waNRtozpmbHdoP4Tm0neUj7sx3kaqTjTuvl-coR5IMRBb1NTYrIVwJrXBSYMeYcDVTuHSKZGgIZYiL43RU_uR8dDw0a5nCKCHwZr3596bK_i4VOPt97er0Z_fMrGztOMUYZij1ybQX7Fv4ktjyCBanbU_GKwN4rCFW-bVi6n_Z4XoWPcTva7Bz7yEDlffFdFPwb9rpvHftYy9Y8w846xeFwXXAVKWOWrBfL6oJoxV4SFCgV6jPmOIJV4n-XOukcAW87J4p9OzOPFEsVykrbnjWlxQc4rfu2mt8O7dMcma7PkO_au6o4EFIe3JK3HLj24k_VlMVyu9A6QNdw2ya54b_cqOzAtuagtiUe4lDJMTwP75tdiYLmb8QHfMFeEDgTwpjFqiWijh9mtkSEyrA7jiHO25esOsQCaCR0CWrOcPfSToLfNH2B9EIBTRPuSiPA78I9GZLI-HgvTxBjflG4bSVk_cpTwDtpe9ri58ubo9GcNlZHrs4KtfTB-P2um0abi2ScPd7orlqC-5HhtGOhSk-21vYpTJoNQiKvchdX5fMMO9q7nI0rTPjsTTPsqDymcZ2YNyyrlJ5RoZ_04ICnS5nGy76q9LrzI3dEZ9cPSnxIuO9LsfVNAdDJqxLS_0iYyWf5VNFowjY_a5jPufMCnPTCI_xgcao_vDf14lcLaxbjZmkL_EviFePmtkBxWaHqKw-_CmvyUs6214ZSfIKZ4S6q9FjNrFAICOXmebOXdLVTywud7Gc23A9sxJjpvc8WmaHQRNuhCWo1DoOLwE2KohCoBP_qxtYlOdZH1ILNM-l_UwhgsVVgoli49Yw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFEB 0
20 B 47ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjPm30lxmYf2rIIWulQeZh5uYAgAAAAA4AeAEAg&bg=!QEOlQwfNAAbGFvHlxhY7ACkAdvg8WoqgbTi9kNlbt8QdbeZhUwktYgGPIEzwyKqfs0APnkLeWrZhEQIAAAFwUgAAAA5oAQeZAx0pdBqKc9mwUGx0F1-NLuOyUI_OB3nqUNdDGbjkUxHNXSMUZ-8otfXDr6Ey0vtqW67d1E13TFyGB6n-QnmH2CpH8BB0suxcPfZEfSZWf89qzBX8cMvXEikAbomcz5tOzSi3NodUxj-KybHE1AelRIJStpHwKL8-grVhWcHqbrxT_nFQ_veDyrqZUQc9fUAFIQ7fCCFcck66GOHeJgp3WjC000YGZHdxOm08aZBluCfX1wuvdIADjg0QOg6twx1kBlk0YMGC1GDvGJ2jLwMrGRzaimlAw4_onw40n4gpZfiwGoPxzCp-tM5HENFeo9CRTixbdS8ZQXejvUQA3wUjsUrS2ctsygCM-eZ7asIiNE3CUVUVGRVen6tACHGeQ_3rfHCABIF2WWPpaQMHCyhHRwd-GLdzt5CV17vHh_HpqUBDaOwo9OIv-uHLs8r4UZafAoCIP5rVGSI59JkDaaij8aE99UMtc0KSo7tQP2--6XVLivVsVWk8_-mpP1jNYwQ7Oaq7ySRxwD2EVSkvTzWKhYJXlBBkZiCXDLRB6IqMD5WDDkFPLD04S-6WFPwCwhadB4bvqh2LGlAWGuTjP5dZ5OBmDKdX1Y2VlqCM6efWkVmrPRIEabi8WNkYKhxKD3zgKMTQ0rdFdNRhVZJIZRW7hMUpwre1BZZjMsRdu0dy5Mwgu_wzc7TR61kZkTDfAWKWECljYyux-SZe2FZTD-3plgYr4EsvAn-XTcFmHFeTfKqIPgNgcnWAIVIFmub4jiZVKcPKeZY7n-NHY6KKqJ2hJ1O8jgc0KyPpx6RVxGgBUH7N-HLbKuF5zRohXW2LZMMkLDfw5M9lgO4kw3GBUeCT9uiiF8FSEmDRON_rzbYMr6ApBA3wXnkGD7rfjINQReoL0evuff7hn2KWEmVxuW7jxKq-GTGmDH9acfyi8UW4KKI7Ou35ieFJC5s0CoMeIlDzA3WKQo8N42E8TiNRQZowC55yymgYqNcWeZmP-U_svuFqXauMvw094CyDMvDzVeNXInnspF8nLucIQ0q5Jyn-DvaeG0oZTescKzt3ZBpCig

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8655 42 B
64 B 40ms
39ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqhdhF-ptTTu2hHRjTKTY-dBjF2g6l5B5UuFOld6VKmdx7s-4LW8j2Jryw_IZsyKn-a_Vv0Qi3sXJ3RGAm6qbBV7FavwHu27SV-PRp3r-lFNC-ssR8kA&sai=AMfl-YQkNBtvK3kqK-mqNDmceM-MV-goednrJ8wVV3ACy9ZPkq_mLWNsPK4ohgCHaCxbj994xL6ssuQb_yq-CmWjOfmolwj-lPjz215P2VEhdzjUwnWB1XFuAdMr0xk&sig=Cg0ArKJSzOC3O0hP02CyEAE&cid=CAASEuRobqJYYV374uGx1jT2VphUSA&id=lidar2&mcvt=1009&p=0,0,90,728&asp=1110,436,1200,1164&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=528661791&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634098385960&rpt=1024&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=1117915544795561&bg=!5eal5qLNAAbGFvHlxhY7ACkAdvg8WgIkBktNshGgAy_xaaf8Deu5YjyNlkaN6jWu-LsXH15mRO8Q_QIAAACqUgAAAA5oAQcKANrjNeEurG-EZHSJh7c5HhLgfmnKuyKthl1IMKfWxNW5LSWvLO7DJNV0mBMJyGyLerw0uy_uAusecCd6yG7bT-JWYUV8-bkFkJ4wvS_1rrI6-J_PGYv8ExyLcTZMGD6MGJXI4eLKYGMhCnaMoZ0bKz1x4xLk1O_yXWeDDOPEbqUwjlIzpFMGfkqJXAUGBV_XfEe8juCHfjXKguEk5xk94SnDvQbmSlaOJgi22n3XLl6-kzfpD4HhJVxKP5G-PHbHslERaxNWxCohx9xeaW746j1sOL-JcM12vNfK7JkCpuABS_ux3cpUgRCu78GxAoMAhqXaBoWd_dSGQhl7e8icuXXaJlZj925x5m9inv490TyXLLYMlTI30WRb2Zhdmj60DYdvwN3ZYA0AltcdVZiYuHEv_Zpomu1Kknc5sq4kQEBk81Xw5OS3JH1R-efIS-lWz4AhL6tfJLpb9KfQ0KuepEiLCDhn7CGUXppJxKpoW5vmd2UDXiSO4YV6Icprpr439k-bFarTW3NBEyvNqIxtQYJ9XdgJO-C2uULDusNIe1e5HJSu4ePJn8fWEuTSIA0YJV5nGOkYNr4TcJsRE-UPC_kZN6eIIDTnP8TqJpSs9iXZ4jbjymwGKUraTZcQufpgtb6vX-MhY3nksbfUHJ8O_RRf2vwo0TBitv1Av18GjK8dKDj98cqCVaE0pXDVDqrl-3aP3K0Rk3697RIVMNoVphN2hKp-X2oEaDWB4YH1xyLGTK7LpWNlryHNtziyUXV38pfeH95DdOnW55ByTBKfchBcH5x1QNF4xwYPcDfG6KgYnnjPHlVRYzUgvtvkxr3XTqKa4mkMx5873LK9T2FyZwdmUNP9wjD1PvUMYvat5fKXRs9OQ40qsVZml8PCjSxcFiIRwpjz94NZ_MWVCOQzFmNnhauuDn7PQTtyFFHJihqw5mL2rwM8GOe4M4P-B87ZZdJ-hN13rfgkUQABaquvOdn807_nVzb15bY_N8Z7WHo0r1ll4gf9Kw4Jy-SLQ1Ex5OkviaUGIS9ks60KhhdYxodANSbxcBXUaJjDS_YOUJvjkALexCv_1p4DH7SABrzpUO8Ymii5uYCKk7oQ8Dpwn-EvCabjzdIozYWvoyJ9qZuMvlEnWyXOKCBfj5OF_EouZq8uNEqPNqg78lz9GSBuPL0lg1P6Neo4YWLawcXTHuBDMSttCw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame B1BA 0
17 B 85ms
42ms Ping
image/gif 142.251.36.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kuozzkrv&c=1832559179652&slotId=916279589826&qqid=CLu4se7CxvMCFUI-4AodUowIfA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.36.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: muc12s12-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 1 KB
2 KB 15ms
15ms Script
application/javascript 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?e_rc=1&pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9d8b42fb4e5e192f29bdfd53e0674f1a5208a3a6de1e602b56052e008b37278f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:09 GMT
Content-Type: application/javascript
Content-Length: 1241
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 0
sync.1rx.io/usersync/eyeota/ 0
107 B 48ms
12ms Image
text/plain 213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/eyeota/0?dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c77da8f57-512f0000010f5bb0&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17c77da8f57-512f0000010f5bb0&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm...
https://ps.eyeota.net/match?bid=6j5b2cv&uid=45031617621248762102642677213817780888&referrer_pid=mli4m40

70 B
440 B

16ms
15ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6j5b2cv&uid=45031617621248762102642677213817780888&referrer_pid=mli4m40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:10 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

DCS: dcs-prod-irl1-1-v018-0c3d852aa.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KL5FOdDcRj8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ps.eyeota.net/match?bid=6j5b2cv&uid=45031617621248762102642677213817780888&referrer_pid=mli4m40
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?uid=YWZc0gAIqBhgmwAR&bid=0rijhbu&referrer_pid=mli4m40

70 B
440 B

10ms
10ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=YWZc0gAIqBhgmwAR&bid=0rijhbu&referrer_pid=mli4m40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:09 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 04:13:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634098390.842112,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
location: https://ps.eyeota.net/match?uid=YWZc0gAIqBhgmwAR&bid=0rijhbu&referrer_pid=mli4m40
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/123/ 43 B
1 KB 39ms
8ms Image
image/gif 141.95.34.105
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/123/9.gif?puid=17c77da8f57-512f0000010f5bb0&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.34.105 , France, ASN16276 (OVH, FR),

Reverse DNS

p34.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:09 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?uid=3177862950431366802&bid=2cr76e1&referrer_pid=mli4m40

70 B
440 B

9ms
9ms

Image
image/gif

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3177862950431366802&bid=2cr76e1&referrer_pid=mli4m40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 04:13:09 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 04:13:09 GMT
X-Proxy-Origin: 216.131.111.33; 216.131.111.33; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ca79fd39-4274-4e00-a022-0e021ab7a5bd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ps.eyeota.net/match?uid=3177862950431366802&bid=2cr76e1&referrer_pid=mli4m40
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kayumanis.detik.com
URL: https://kayumanis.detik.com/api/validation/

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eyeota.net/	1970-01-20 06:40:34	Name: mako_uid Value: 17c77da8f57-512f0000010f5bb0
.eyeota.net/	1970-01-19 21:54:58	Name: SERVERID Value: 23472~DM
.scorecardresearch.com/	1970-01-20 15:11:46	Name: UID Value: 1VFWQCUU9RQMLMURLUGLRWg1634098385
.mathtag.com/	1970-01-20 07:20:53	Name: uuid Value: 40946166-5cd0-4400-9aee-dc7e08d77476
.turn.com/	1970-01-20 02:14:10	Name: uid Value: 3294253373894634933
.adsrvr.org/	1970-01-20 06:40:34	Name: TDID Value: 1446771b-3d59-4fa4-b9f9-d08e00901569
.spotxchange.com/	1970-01-20 06:40:38	Name: audience Value: dd1e975f-2bdb-11ec-9baa-1384e0ef0306
.adsrvr.org/	1970-01-20 06:40:34	Name: TDCPM Value: CAEYBSABKAIyCwiQ0c7Gz4KHOhAFOAE.
.haibunda.com/	1970-01-20 15:26:10	Name: _ga_LW7SH9Y4G8 Value: GS1.1.1634098384.1.0.1634098384.60
.haibunda.com/	1970-01-19 21:55:00	Name: __asc Value: 874efa0717c77da90b745fb6237
.haibunda.com/	1970-01-20 06:42:00	Name: __auc Value: 874efa0717c77da90b745fb6237
.haibunda.com/	1970-01-20 15:26:10	Name: _ga Value: GA1.2.1770791578.1634098385
.haibunda.com/	1970-01-19 21:56:24	Name: _gid Value: GA1.2.1303965659.1634098385
.doubleclick.net/	1970-01-20 07:16:34	Name: IDE Value: AHWqTUm1DAt9oY7tRrEkN41nsiRl0rLRzJVqo88JO7avofmynRhV6N_01O1nipg27oM
.haibunda.com/	1970-01-19 21:54:58	Name: _gat_UA-891770-244 Value: 1
.haibunda.com/	1970-01-20 00:04:34	Name: _fbp Value: fb.1.1634098385260.2098472105
.facebook.com/	1970-01-20 00:04:34	Name: fr Value: 0mZNpylk9bipB5669..BhZlzR...1.0.BhZlzR.
.casalemedia.com/	1970-01-20 00:04:34	Name: CMPS Value: 3230
.casalemedia.com/	1970-01-20 06:40:34	Name: CMID Value: YWZc0YWH8DJ.LJEzcaHH3wAA
.casalemedia.com/	1970-01-20 00:04:34	Name: CMPRO Value: 1189
.adnxs.com/	1970-01-20 00:04:34	Name: uuid2 Value: 3177862950431366802
.haibunda.com/	1970-01-20 07:16:34	Name: __gads Value: ID=5aae958e7da0d16d:T=1634098385:S=ALNI_MaK1MQCh1iz1jdTmBlPJ6RYCjyh0w
.haibunda.com/	1970-01-19 21:56:24	Name: __dtmids Value: undefined
newrevive.detik.com/	1969-12-31 23:59:59	Name: OAGEO Value: US%7CTX%7CDallas%7C75201%7C32.7904%7C-96.8044%7C623%7C214%7C%7C%7C
.casalemedia.com/	1970-01-19 21:56:24	Name: CMST Value: YWZc0WFmXNIA
.casalemedia.com/	1970-01-20 06:40:34	Name: CMRUM3 Value: 2d61665cd22760CAESEI8b1M25DUGEcNGuv2Hg8qY
.haibunda.com/	1970-01-20 06:40:34	Name: dtklucx Value: gen_59574087-03a6-0801-809c-a686cf3cc198
.haibunda.com/	1970-01-20 06:40:34	Name: FCNEC Value: [["AKsRol-YhxnANulIVuAHU5icdc6f7aN9A08y-TVQy-isny-Sw5rXyI8J7yNKyvsbUmmpbkk3CzLkpuDeFvCijXIiCGYBK_kzfxIkBNAuQm7NWD1lbEc-KeCJ8nZF3HmbC75UVpqCsRJHEA3HG22spKHxKrHKGXMM5w=="]]
.haibunda.com/	1970-01-20 07:16:34	Name: FCCDCF Value: [["AKsRol-YhxnANulIVuAHU5icdc6f7aN9A08y-TVQy-isny-Sw5rXyI8J7yNKyvsbUmmpbkk3CzLkpuDeFvCijXIiCGYBK_kzfxIkBNAuQm7NWD1lbEc-KeCJ8nZF3HmbC75UVpqCsRJHEA3HG22spKHxKrHKGXMM5w=="],null,["[[],[],[],[],null,null,true]",1634098386790]]
.pubmatic.com/	1970-01-19 21:56:24	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:04:34	Name: KADUSERCOOKIE Value: 1BEBF612-5003-4724-9DA1-5BC4056E22B7
.mathtag.com/	1970-01-19 22:38:10	Name: mt_mop Value: 4:1634098386
.analytics.yahoo.com/	1970-01-20 06:42:00	Name: IDSYNC Value: 18yx~20xg
.openx.net/	1970-01-20 06:40:34	Name: i Value: a38f3b2e-cca6-4f5f-803b-de251c136ab6\|1634098386
.360yield.com/	1970-01-20 00:04:34	Name: tuuid Value: d2b932af-edd4-48b1-9183-88e6759c3e77
.360yield.com/	1970-01-20 00:04:34	Name: tuuid_lu Value: 1634098386
.everesttech.net/	1970-01-20 06:40:34	Name: everest_g_v2 Value: g_surferid~YWZc0gAIqBhgmwAR
.yahoo.com/	1970-01-20 06:40:55	Name: A3 Value: d=AQABBNBcZmECEDtAhMZEobxXGzY21lWC5O4&S=AQAAAqLRDy4CbljMEAPIqNEnvS4
newrevive.detik.com/	1970-01-20 06:40:34	Name: OAID Value: 346eba1574fd0c1bfbbe1c92da98cae0
.id5-sync.com/	1970-01-19 21:54:58	Name: cf Value:
.id5-sync.com/	1970-01-19 21:54:58	Name: cip Value:
.id5-sync.com/	1970-01-19 21:54:58	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:54:58	Name: car Value:
.id5-sync.com/	1970-01-19 21:54:58	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:54:58	Name: callback Value:
.demdex.net/	1970-01-20 02:14:10	Name: demdex Value: 45031617621248762102642677213817780888
.dpm.demdex.net/	1970-01-20 02:14:10	Name: dpm Value: 45031617621248762102642677213817780888

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.haibunda.com/ Message: Access to XMLHttpRequest at 'https://kayumanis.detik.com/api/validation/' from origin 'https://www.haibunda.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://kayumanis.detik.com/api/validation/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.haibunda.com/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js(Line 344) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0rkyr-3USLGRg4jmdZw-dw&google_push=AYg5qPKXLypv_BiS6PKJGj8P90GSIzQlO0ikDY97FVxPy02oL1aDQ6FZFI5NXprpIBWveXTOD0tc87mEwrknKmNptPec2XHXwWz7iQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6901a09e505fc7b49d58f400805efb75.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
akcdn.detik.net.id
analytics.google.com
api.vidy.com
bid.g.doubleclick.net
cdn.detik.net.id
cdn.haibunda.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cdnstatic.detik.com
certify-js.alexametrics.com
certify.alexametrics.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.detik.com
connect.facebook.net
csi.gstatic.com
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.detik.com
imasdk.googleapis.com
kayumanis.detik.com
match.adsrvr.org
newrevive.detik.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
r1---sn-2gb7sn7r.c.2mdn.net
r5---sn-2gb7sn7r.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.vidy.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haibunda.com
cm.g.doubleclick.net
kayumanis.detik.com
103.49.221.102
103.49.221.172
103.49.221.173
103.49.221.244
104.111.242.245
104.16.18.94
104.16.85.20
104.16.92.18
104.16.95.65
104.18.1.84
108.177.15.154
13.248.242.197
13.32.121.100
13.32.121.21
13.32.121.29
141.95.34.105
142.250.181.225
142.250.181.226
142.250.184.195
142.250.184.226
142.250.185.110
142.250.185.130
142.250.185.134
142.250.185.226
142.250.185.232
142.250.185.66
142.250.185.78
142.250.186.106
142.250.186.170
142.250.186.174
142.250.186.34
142.250.186.36
142.250.186.66
142.250.74.193
142.251.36.195
151.101.129.44
151.101.66.49
172.217.130.70
172.217.130.74
18.66.112.122
18.66.139.116
185.29.134.248
185.33.221.53
185.60.216.19
185.60.216.35
185.64.189.115
185.94.180.126
2.18.234.21
203.190.242.172
212.82.100.176
212.82.100.182
213.19.147.44
216.58.212.131
3.121.27.153
3.126.56.137
34.248.156.174
35.244.159.8
46.228.164.13
54.186.64.106
69.173.144.165
0007d23baa268a1cd61074407a65f5d2850f4f78a77d0cf141a0c0fdf8fc403f
001d81224ef63263b78bef8004b51e2f23453c0832e67955f1e8012e366a8a26
00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089
0356c516f36efead47f3474b418ff234ec7fa9a714947e955d4916dc43a1d4d2
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
0a6f956c63c806bdd6c63ebb0ae00714364485c7cbaa78e493f81f3d15e3011e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c52f38ae08f56837fbe4789808263e485bfba6b52b35e29396fc721557c168c
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fce314cf22a309483ef76aabe3c515e7909b4051b5c6a90cad1ff3b478546cd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ead0b76ee35f15cacafa915ddcae36215f6d5f12a902f154d9dc85e8af817f
123d66a40ec08ab8aa36440f044b1f2adfeb2ed2542de1fc9657e8a094c96e46
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127b27fbf282217a4f9e0b9fce41432832253587d9ff86f4313b4d015f229acd
1758b668487aa4156e21e84c6d6f8075fb98b37e4cdea7af0753d928e63e7bb1
17ab9bff1a5d30e0baf0663d3f7da2691d0c23ab112d89df0f154db902398d28
1801f4d6d54e936e5e50a353ae6cf677e6d61a14fd258db9c9477f380b35c067
18b1e0cc343066e62b319fb4c56c28edc0da941b701ce4e6c8229c82cea40775
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
1b576c0bf0fa27ee3ffcb41fe56c8b6c718f14819cda3e7ae1b300b0b6251ec2
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6
1f3d788e10f68f663190de84a56059ad2e5633c1762ef05754d6331082108cc5
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fa3871ce75ac125ca3433e4aa49b82593f5a7ff714e25f8bc024209d6dcdfc6
2096f9909f6f7c1edbf031b4ba9c477c4235b53b7824053a6ea92e9dc28d5745
21c6ef26a0f322e8d37c1c25f786e456f0f4018de8a9495bc49649428987926f
24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315
24ece61e45e94bcb16969dc25b12dd94cc0c4ef9a968bd524b36d1388141cb4a
281c6b2bbf23407c16636e044f2350695d54978dbd8d74cb706d5f9131f5dcdc
283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111
29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f
2b2d91fcca8a58b653c95398401e92271af5ac86aeb0f84a6878215107f98504
2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd
2f7e54553e7624254502dd0f08a440d8b98abe4679d08222624a631da44ef968
2fbc474ff63f1d794159089435f3852a6402469405ac4b9a5abb99b76a550b3b
300509d31cf36c8bd9dbac091aea8e57013715a4a7a6bf5153e263182479c399
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
384f00915d742ab0886f52d8759c78f9463a0bc8da3dbff04516e480f0d14529
38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3a744ac7ae91aaf58cd2e0a806f5eb2caa539fbef35514be5cf05fd87a4a62cc
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080
41499266d7752a476dcf1e01c501630c3b7054dab537942a92b37e245927e20b
465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e
466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781
46c050dcbc10df4efd77d77b95a0bb4678b0cef73871ff3545d2f626ec607abb
4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640
4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50087caeb96cf9fe0fdfaf69dc238239d279d218ce187a226a3a1a1ebfe75e10
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
51fd273ed4539f69a3e685db6254c4e77983d40fe6627b9a72b37370b8830d1f
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
58d99ef34d9876dae1ab426dfd8e7ce3dbfa334e1ce566172a4b61fd9c721e60
591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
59d752dfa9d8b9ca85ffd56369e6954faf24194d833585aa53683523a69e534a
5c5512b016d834f10bac1a95026c6957f025c878c633f82e46962683acbc8874
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6119aa7a69886441b7e146ca328ef98c47e6c7d0a0f0b1acdb0795c9f6885a33
621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4
62a1871e4b6628d8e7ec4af963840978e11484ed4b96c5798697f01061a526af
630c7612386d9f639409ea0bb7aee66e122b4f73c15528b25596bd836dbbd5b6
67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
684a09b1d6b0cd7d88f89d43c29a26ab68a408cf11aabd37032c821ac214bf6a
6a9c9a5f3a2b792434bea24166ece81e37079eff5665e437a47ae54bf005c70e
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
6d87adf3fc109754ef514d82e3d4567866aae1fef3102b98d4e53ec51de3335e
6ded256a0461e30a578ade0f02f04b9586f6604752a1e5e7fc049f565d34b3a9
6faf65337043138cdad2ec7598a514521c268ff08fcde3bcf304ca242cb2a5e0
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8
73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0
740ff21657f6ff1e389ad1fa52c059213e55297d1653888f767c043dfc2da1d5
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f
78465e3fc2c77fc3fb54e488c5426bee5cbb5923f5448639a4db854a4b71ab4e
78ade184ea09ec2b6fa1fbbe503999ad6d796c3257167f63fbf5975b2317284e
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22
856da369b5760a486d9b07f839f498bec08ac2cbf160c9aaffce4be21b2372f7
86d66cf6883784160f5a95009995428eaa9d2898819ac5bf27dd7443e85cc788
880b95d819ddb563bd389dc8e85b00a402a2def535d9e5fd23f333e06464da5c
88306f2686a5c243cf49c7d04099a6d719e931458a7129b9c55edba4859d1aa2
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
89fcc0375149a3f29180c96159cca98bffe1e6bbb2ba93727628c90ccaa91db5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d
91ecf3433ea550594b627301ecb6e7f1ccdee8b861ab48ef48e2376e5ad85ea6
9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818
94c5c8b3ad3d42a16f7d354e09c0f497c8c9cdd25aff3ad0c8c61abb4180fe7c
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4
9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0
9cc6f6eef6a5856aeb3a6bd1e3e5d46c4c08e50d749d8c044f120f10bc2d63cd
9d8b42fb4e5e192f29bdfd53e0674f1a5208a3a6de1e602b56052e008b37278f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a290f687ba5e560502b237787b8f76f3abaee5780a3818f10ca594fd943b788b
a370458a6ec2f3885c58376f5e59124af3982b9c3d875b2aea4599cee0260150
a471fc4a4fe0c78c6e8c66be713c066849a5b22bcc801d55d0ec562fd78496b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3
a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b
a54a35c4ab3d184f01f1c38dc7aaf01255993f1e56195cb2586f3bf3aa636e4b
a5e6386b722435ce99065f6ab409ebe9b4a61c708a602d8000bb62d990122508
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a688611ed55222a0349ff8bae8a7795dafb54f638b026cd835d3d38e5d36adf6
a6f564cf133cfc26e10d80a745642081f4999ce7881c86b84814f168c88a9023
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78803722296e42908804386f9ed6088e070ee311ad1768fda1e279b5fcecc75
a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b05414f908cdffab3fbd3f03584c35ab0fbb59276655971e1467ba2479f4a18b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652
b28ed0d85790996c5ba8b672133fdd131e72085d657da84842aaedfa049aa7aa
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b4dceb5f8276f9d8fc656f3828b2070ce06692584cf1b451ac8dccc479e88ce2
b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe
ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f
bae77c8690b9eb404e409f088d50e582bf720b3b6377acbec0cf52e4755ba5f7
bb89c8942fcb6f60e64e1178b76792a89b549cb044ef282921c37117d2bb89e1
bbad19ca3686c52ad9eec54ca1294d017e561b5a9e945cbcc434950169480cb3
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19
bf1e21b3df263a7e82d0847f4878fd4dd5bc54d2774457d1c52a38fba6b47440
c2ab53e7f7c47fa1a70f8cc0add134ea90ff153cd07cf32bdc85abb9a73124f3
c3e0ae16c974f739f985451943bbb1e78c5df09799377ca8298dfbfc0c125697
c5ba2d2ffe4b1f88b6f38fd482338ed6b493e6fd1b789c9ce932ed9aee33efab
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
c6bade614128f0371a0d733500811142205735a457f49332e3b3feea84d395a0
c76dba67b6f1b94c9022490036c5c212ac16ca312137daa0af9953de5dcdb8a8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d150f405e6e8d15f193151a7a1ccaec84e2c3eea4a941044e60890b23016f8ee
d21973eb9276afbec962eb9872ec360d1e4e09453a12c1e380d3a745b5b898c8
d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72
d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7
d410b7a616257b3c3565614e9126f6e40307a1437cd8cf859fa04c1ee0be377a
d49848a274a3bd57445bdabc97078e9171037caedb343365b9a3413a28e2b770
d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294
d6eafe961efaf1d688fb152b090d4c09e3a7da8dcdb11a83f94acd6cda182cfe
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
d8d2c8b244c540582650d98767dea827869379aca052ef4d7e68b7ae204d0fb7
db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427
ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5137605e5262b89a4cc2befcf53165f1fd42bd9fa84fbad04af0abe2b1451f3
e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5
e857e1d16831ed7b4062e04ed3b0fe4a4fc19fd08247262f9606af84d427d404
eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555
eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472
ec797cb04b53bebbf4ec0985c87d54815545a17a06bfaf6341fd0b54dd4ee233
ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf
f22eedafe130c14c32e71a6227ffaef8b7e02fe2b46c0176b3e474a1b859f6ac
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f
f29c45140020a3dc10efeb14dc914427794e2d1d04a8081a0d3df10b0955713a
f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf
f2e7ba7a712928ec228f4cd3d4e6b9b5f131440fa5e97c893ba77e71c2d1f402
f3a24d319609827c03f0ba4ec0aa3748bebf602632879d62ccfa90e32e56e296
f3e80ea15ded54afac6fd551e08c58b5babdccab07f79fef74cf31e44b490fc1
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f4c662e288994c0f5be39f038859572824c8e2e44f319d17bb0df36837a77879
f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350
f592cb3a2c480c032437c529c8e93e3eb79aa0a5b083d6103cf98b614516326e
f5d974cc7abd474e71ebf34802cc4eb2d2bed3d5d5feac9fc54ef26295f502f2
f68d76cccf9c08b759371b06a2c8502329adff94d5e8cafc28c9d566bd986eef
f844cfe134e708e745147c273bd8033f316f64527a55ecfb7e563c6e1f724777
f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b
f963d7f8b37b4af6198b301528e0afb9f13719f9a18732827ddea23e16799a2f
fa0c40b8c9a39d30c74fc7ff8bdad060369a3ad7f006057c6dc64fa2f32c8a5b
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
feec3e8ee2f7d38c22a9993f2adc734216201c9423f1182abfa351f887e7c118
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haibunda.com Open in urlscan Pro 104.18.1.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

332 Requests

99 %HTTPS

0 %IPv6

41 Domains

68 Subdomains

50 IPs

8 Countries

5330 kBTransfer

10934 kBSize

47 Cookies

20 Outgoing links

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.haibunda.com Open in urlscan Pro
104.18.1.84 Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

99 %
HTTPS

0 %
IPv6

41
Domains

68
Subdomains

50
IPs

8
Countries

5330 kB
Transfer

10934 kB
Size

47
Cookies

332 HTTP transactions
4 data transactions