www.infonebanten.my.id Open in urlscan Pro
2a00:1450:400e:810::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Effective URL:
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Submission: On September 09 via manual (September 9th 2022, 4:52:26 pm UTC) from SG — Scanned from DE

Summary HTTP 101 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 26 domains to perform 101 HTTP transactions. The main IP is 2a00:1450:400e:810::2013, located in Ireland and belongs to GOOGLE, US. The main domain is www.infonebanten.my.id.
TLS certificate: Issued by GTS CA 1D4 on September 9th 2022. Valid for: 3 months.

This is the only time www.infonebanten.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:400e:810::2013	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::393	54113 (FASTLY) (FASTLY)
1	23.48.23.22 23.48.23.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10e... 2a02:26f0:10e::6860:5bb2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
101	28

1 216.239.36.21 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

antihoax.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:810::2013 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.antihoax.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.infonebanten.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-22.deploy.static.akamaitechnologies.com

cdn0-production-images-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.makintahu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

makintahu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

vdbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.42 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

o-oo.ooo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.200.127 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.8 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

ebaaa.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

ljii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10e::6860:5bb2 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	blogger.com www.blogger.com — Cisco Umbrella Rank: 6949	899 KB
13	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12613	164 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	272 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	389 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	11 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 142 play.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 19	25 KB
4	udbaa.com udbaa.com — Cisco Umbrella Rank: 253584	6 KB
4	eu.org 2 redirects antihoax.eu.org www.antihoax.eu.org	68 KB
3	typekit.net p.typekit.net — Cisco Umbrella Rank: 1273 use.typekit.net — Cisco Umbrella Rank: 1044	37 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 10760	273 KB
3	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 127442	27 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202	914 B
2	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 11427	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	infonebanten.my.id www.infonebanten.my.id	41 KB
2	ebaaa.xyz ebaaa.xyz — Cisco Umbrella Rank: 114877	73 KB
2	makintahu.com 1 redirects www.makintahu.com makintahu.com	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	476 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	28 KB
1	github.io ljii.github.io — Cisco Umbrella Rank: 151474	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
1	o-oo.ooo o-oo.ooo — Cisco Umbrella Rank: 729575	31 KB
1	vdbaa.com vdbaa.com — Cisco Umbrella Rank: 252819	2 KB
1	akamaized.net cdn0-production-images-kly.akamaized.net — Cisco Umbrella Rank: 74978	39 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3896	861 B
0	geoplugin.net Failed www.geoplugin.net Failed
101	26

	Domain	Requested by
18	www.blogger.com	www.antihoax.eu.org www.infonebanten.my.id www.blogger.com cdnjs.cloudflare.com
13	blogger.googleusercontent.com	www.antihoax.eu.org www.infonebanten.my.id
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	www.infonebanten.my.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.blogger.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	fonts.gstatic.com	www.infonebanten.my.id www.google.com
4	udbaa.com	www.antihoax.eu.org udbaa.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	pro.fontawesome.com	www.infonebanten.my.id pro.fontawesome.com
3	ylx-i.advertica-cdn2.com	www.antihoax.eu.org udbaa.com
3	www.antihoax.eu.org	1 redirects www.antihoax.eu.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	4.bp.blogspot.com	www.infonebanten.my.id
2	use.typekit.net	www.infonebanten.my.id
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.infonebanten.my.id	www.infonebanten.my.id
2	ebaaa.xyz	udbaa.com ebaaa.xyz
1	play.google.com	www.blogger.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	www.infonebanten.my.id
1	ljii.github.io	www.infonebanten.my.id
1	p.typekit.net	client
1	www.googletagmanager.com	www.infonebanten.my.id
1	o-oo.ooo	vdbaa.com
1	vdbaa.com	www.antihoax.eu.org
1	makintahu.com	www.antihoax.eu.org
1	www.makintahu.com	1 redirects
1	cdn0-production-images-kly.akamaized.net	www.antihoax.eu.org
1	res.cloudinary.com	www.antihoax.eu.org
1	antihoax.eu.org	1 redirects
0	www.geoplugin.net Failed	ljii.github.io
101	33

This site contains links to these domains. Also see Links.

Domain
www.am2z.com
www.mrjaz.com
sohanisharma.com
blogger.googleusercontent.com
www.janda-cari-jodoh.eu.org
www.blogger.com
twitter.com

Subject Issuer	Validity	Valid
www.antihoax.eu.org GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
vdbaa.com R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
udbaa.com R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
o-oo.ooo R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
ebaaa.xyz R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
www.infonebanten.my.id GTS CA 1D4	`2022-09-09` - `2022-12-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Frame ID: 659FA9ABE8E0B723F5F74A9E3021E89D
Requests: 60 HTTP requests in this frame

Frame: https://udbaa.com/banner_show.php?section=R&pub=737457&format=120x600&ga=g&slider=91c33f742989f55a23329affe622ed66
Frame ID: B607B4BD3051BDBF19AF1168D5A34C6F
Requests: 1 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Frame ID: E336951939A6CD07AEEC7214D8826627
Requests: 5 HTTP requests in this frame

Frame: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCpkripZCACZrGNrrpNZrjNZxCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_26542&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=808797072143&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0=
Frame ID: 4C466553AB3F538197C8BDE18BE08CE1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: BD15FDEEECB8C6179EB0802920335917
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039
Frame ID: 8AD22D0706E8672891C7A7DE1D660947
Requests: 3 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039
Frame ID: 54338BDA95ECB57913BA98A10D08B91A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&adk=1812271804&adf=3025194257&lmt=1662741214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343526&bpp=33&bdt=210&idt=312&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5421294340376&frm=20&pv=2&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 93427E539708FC7060F60B52AD19C5E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=8969363499&adk=2761282531&adf=1983417940&pi=t.ma~as.8969363499&w=1058&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=1058x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343559&bpp=9&bdt=243&idt=305&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NY3zPmhou6&p=https%3A//www.infonebanten.my.id&dtd=310
Frame ID: 6332379FD9AF07890DB6CA6025E82693
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=1411217929&adk=188241918&adf=2773139456&pi=t.ma~as.1411217929&w=728&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343601&bpp=5&bdt=285&idt=272&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZJ8ZudB7L3&p=https%3A//www.infonebanten.my.id&dtd=274
Frame ID: A9BBF54228218D3FF6A1807D61D176D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=6304721807&adk=1151473238&adf=2319056852&pi=t.ma~as.6304721807&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343606&bpp=2&bdt=290&idt=272&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=txHyWGn822&p=https%3A//www.infonebanten.my.id&dtd=275
Frame ID: CD843300E71A5E3D22A212AFAB078755
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=1041204077&pi=t.aa~a.1381849204~i.7~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=756&idt=-M&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182&nras=2&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Imi4Y7pmYk&p=https%3A//www.infonebanten.my.id&dtd=13
Frame ID: AD153803BDC8BD327CAD110735EFBC8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3131877929&pi=t.aa~a.1381849204~i.11~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=757&idt=-M&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x280&nras=3&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=zCFLDBMYMr&p=https%3A//www.infonebanten.my.id&dtd=17
Frame ID: 911B78161FBF54E129F83F34DF645DA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=90&adk=1064055001&adf=3179669750&pi=t.aa~a.1381849204~i.17~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x90&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=756&idt=1&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x280%2C728x280&nras=4&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=eXtj67PspD&p=https%3A//www.infonebanten.my.id&dtd=21
Frame ID: 8FE1F913210DFBACFF9966981CB07A97
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=emtc2apfyu81
Frame ID: D072E2B74D174539FE2ECBA9783A39C1
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: E5054CFCDC3C96089C7053D317FE1E1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 68438CDC4473B1DFA23B59EE4E55807D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0A4A8642B4DCE04161478B4AC1D2EE0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Asuransi Cigna Penipuan

Page URL History Show full URLs

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html Page URL
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

96 %
HTTPS

79 %
IPv6

26
Domains

33
Subdomains

28
IPs

5
Countries

2450 kB
Transfer

4690 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.am2z.com/
Title: Am2z News

Search URL Search Domain Scan URL

URL: https://www.mrjaz.com/
Title: MrJaz

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/
Title: SohaniSharma

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0ngglwZYODU6WOcE_53TIkZ6ZCX2jk7ivH6Zkf_yV/s1476/Fbw5CvJUsAAWEMp.jpg

Search URL Search Domain Scan URL

URL: https://www.janda-cari-jodoh.eu.org/2022/09/cara-membuat-template-halaman-website_5.html
Title: Visit Download Video : Click Here

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039

Search URL Search Domain Scan URL

URL: https://twitter.com/Chiccaa98

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html Page URL
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Request Chain 6

https://www.makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg HTTP 301
https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg

101 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

cara-bangunin-ayang-yang-sadang-tidur.html Show response
www.antihoax.eu.org/2022/07/
Redirect Chain

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

204 KB
65 KB

242ms
178ms

Document
text/html

2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d63f3758eebeaba0dd4675178267fbfa47a2398ca687fca6f96f9c7d55cc07ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 65767
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:52:14 GMT
etag: W/"142427e63fea7642df95e2ccf604b9760cbfbb6e4dd80aee5699ba7446fd7bd2"
expires: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:40:25 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 210
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Sep 2022 16:52:13 GMT
Expires: Fri, 09 Sep 2022 16:52:13 GMT
Location: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 238ms
121ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8540763992246928234&zx=ef2e66ad-1dbf-482c-918e-5e60b7a34e6e

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
server: GSE
date: Fri, 09 Sep 2022 16:52:14 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 327 B
396 B 549ms
416ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w1/10.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8aa807435d2930ada74e3d8ee6ad0a61080e3d5db69906fe4f603890c548d7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 400 10.jpg
res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcM... 0
861 B 301ms
208ms Image
image/gif 2a04:4e42:200::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
vary: Save-Data
x-cld-error: public_id (https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg) is too long
server-timing: fastly;dur=185;cpu=1;start=2022-09-09T16:52:14.452Z;desc=miss,rtt;dur=21,cloudinary;dur=93;start=2022-09-09T16:52:14.498Z,cld-error;desc="public_id (https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg) is too long"
content-length: 0
last-modified: Thu, 08 Sep 2022 18:10:22 GMT
server: Cloudinary
etag: "d41d8cd98f00b204e9800998ecf8427e"
strict-transport-security: max-age=604800
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Cld-Error,Vary
cache-control: private, no-transform, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 18:10:21 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 21 KB
21 KB 519ms
401ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e21a02db9aeb3422f7196956e7ac513ce6cb6d65e9ea370f7a2a16b5f34f5388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21776
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 042015100_1576584434-Doa_HL1.jpg
cdn0-production-images-kly.akamaized.net/qFF8jsJb_2ZLs2vAgtfbTilYuhM=/6x0:1186x665/640x360/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2998955/original/ 38 KB
39 KB 140ms
23ms Image
image/jpeg 23.48.23.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/qFF8jsJb_2ZLs2vAgtfbTilYuhM=/6x0:1186x665/640x360/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2998955/original/042015100_1576584434-Doa_HL1.jpg
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-22.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9099ab8b1851f4f073b6f50d3abd2c1010343c68642847219603cb3c4e82c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 09 Sep 2022 16:52:14 GMT
x-ttl: 300.000
etag: "58c0148930b08b78b6d40be3d22bc27590ee24c7"
x-varnish: 1704233
server-node: production-thumbor-web-ig-4j68
cache-control: public, max-age=30089507
accept-ranges: bytes
content-type: image/jpeg
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 39227
server: nginx
expires: Wed, 23 Aug 2023 23:04:01 GMT

GET
H2

200

Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
makintahu.com/wp-content/uploads/2020/06/
Redirect Chain

https://www.makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg

0
0

506ms
254ms

Image
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date: Fri, 09 Sep 2022 16:52:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sufK3uQeXU2JSA47f0OEQMGzCnKQUOqp%2B6THyDc%2Ff9WldxJ8wSeB2bCQN4G07KeSQQxCpk%2F3NhJAX311ypuvx7q6Bj0gJgIl2PrH%2FqPioJy%2BiiLYPPO9pvKc%2B%2BbnLXiA0b17uEyBV8TEWnq6i6dkZA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
cache-control: max-age=3600
cf-ray: 74816ee77bea9bf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Sep 2022 17:52:14 GMT

GET
H2 200 pun.php Show response
vdbaa.com/ 1 KB
2 KB 207ms
37ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=737457&ga=g
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 2c25ce1ea0c582e2ff7d4760f3500c1bf9988b6c8a58a2c3aba715189befb76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Fri, 09 Sep 2022 16:52:14 GMT

GET
H2 200 slider.php Show response
udbaa.com/ 2 KB
2 KB 133ms
40ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/slider.php?section=R&pub=737457&ga=g&side=random
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 31494a6134eeec56957934645f6d5636eb2d689250d29d541b9c75e8ad1240ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Fri, 09 Sep 2022 16:52:14 GMT

GET
H2 200 8.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzi_fB-WlX-T0apyEKIDqugnXIEi6XxKaUAXN6xlJSr-gjn3XJu5hnYEHpP70xAopwB9vQAg7Cgxe8L7c5y4SY_nETLFq0pA26fkHASToX_fA-IUm2FCZdXTlaPTJ0UYuJEN82iLFdQp1QbHda... 16 KB
16 KB 540ms
429ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzi_fB-WlX-T0apyEKIDqugnXIEi6XxKaUAXN6xlJSr-gjn3XJu5hnYEHpP70xAopwB9vQAg7Cgxe8L7c5y4SY_nETLFq0pA26fkHASToX_fA-IUm2FCZdXTlaPTJ0UYuJEN82iLFdQp1QbHdaTdd_8RCY9lifaXVVMDE_Njsrs1fZoJeFBJrEYntG/w300/8.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da5bf7ece2deb365b2588d498fbda7e3bd194cc4d486719f09e220dc07a90241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16694
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 12 KB
12 KB 528ms
417ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99068357b8c8884b73d76f8554ae6a03af947e8c35d46fcddf1b1036d9ab737e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12650
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 11.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ_6QZRqtBWKMG0TUe-uymW6M7LQkD1hYx5KV8ReuGPSOWFd0ORAdYI0kHOIRohu6_X3_1iOh-ChVKQw9h0txtc8GiHT9oD5RlyQ1ZHNy3_LrMbhirBZXzfzRt2jZ8zWNAkKaVOETnmde-PVE7... 13 KB
13 KB 522ms
411ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ_6QZRqtBWKMG0TUe-uymW6M7LQkD1hYx5KV8ReuGPSOWFd0ORAdYI0kHOIRohu6_X3_1iOh-ChVKQw9h0txtc8GiHT9oD5RlyQ1ZHNy3_LrMbhirBZXzfzRt2jZ8zWNAkKaVOETnmde-PVE7-nkucoh5eFmKABLrkM-I5y2AFxhNkk4319NENjmF/w300/11.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9329247d7579fbe9c42373eaa6b664b6832a14c8ed3556f31913e0d556d7401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13116
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 7.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhayQAxJcfH7w_poSVkdtXwHSaz1XM0q3D9ULSmuLcdS70CDcjWcUiwEGLB3DFPIWkWxk18hOIr4t0jDqIK7tjKu6dx6yMxbmf-iEg6ZLvb12ZGLigmTBwswZBvm92F2cPTwYvvMZ54nAH_OvE1... 9 KB
10 KB 533ms
422ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhayQAxJcfH7w_poSVkdtXwHSaz1XM0q3D9ULSmuLcdS70CDcjWcUiwEGLB3DFPIWkWxk18hOIr4t0jDqIK7tjKu6dx6yMxbmf-iEg6ZLvb12ZGLigmTBwswZBvm92F2cPTwYvvMZ54nAH_OvE160_5slMKtvBTn0ZGkIqXvw7T6LVcCYE-bYusAjh2/w300/7.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fcf69aac3dffa69e958c409a7c3572efab488fa404e70acc312d647728d3eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9715
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj07qv1XS1yXOxw610UNi5TqsJ1mGGyWMb3mZ9yCXLo2RAj6tcKGW22I5pWK01JHZbbhVV5BtJBvCP87QGyRGy68pN98qCMO_Xm-pKlUrbqrgAG4VA1YMLg_NIBwYIuImuTK6tG9seYQ_tLsOVX... 11 KB
11 KB 403ms
401ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj07qv1XS1yXOxw610UNi5TqsJ1mGGyWMb3mZ9yCXLo2RAj6tcKGW22I5pWK01JHZbbhVV5BtJBvCP87QGyRGy68pN98qCMO_Xm-pKlUrbqrgAG4VA1YMLg_NIBwYIuImuTK6tG9seYQ_tLsOVXkwp5fytq37KJOj4nXYh1lhyWGxY-6kDqMrKWBudp/w300/1.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

edbe2344be729226132e108cb538f4d34b1db8090504a666f911fdc457461026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11310
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 9.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHUv6iT46GNBjlhxyb9flDPlvx7UUCU-XiICFTZdnJyx6in4qo-oGvePgN-iFQNIVtfz0i5fxfrlQOC9IrFDEWpO9osQT_8gio77y0C-SC6Iby5DCvYtf0LK816zoB_sljzpp64RFqv1BmWxVz... 9 KB
9 KB 414ms
413ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHUv6iT46GNBjlhxyb9flDPlvx7UUCU-XiICFTZdnJyx6in4qo-oGvePgN-iFQNIVtfz0i5fxfrlQOC9IrFDEWpO9osQT_8gio77y0C-SC6Iby5DCvYtf0LK816zoB_sljzpp64RFqv1BmWxVzITtNtrsDixyR9S94cHVLOKKHw2HkXlxMU9UCqszr/w300/9.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b3da44d857203f85057f23eb25629c3c39344d3486fef9c66b6ee96b4e7667d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="9.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9085
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 12.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUgk9d_VirTU3HDoDAANLoGK46zVqIDBzZ9Ldglv9Xu3i1YHROSv2ck8LddIcbieollTOy70wN7X7s8dHO5kzPs1UTnIaitYQ-zFaeukqp6oWCCb8SMSkxRGcZT3whSt45TJJj3gQyfr5cu6C9... 10 KB
10 KB 362ms
361ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUgk9d_VirTU3HDoDAANLoGK46zVqIDBzZ9Ldglv9Xu3i1YHROSv2ck8LddIcbieollTOy70wN7X7s8dHO5kzPs1UTnIaitYQ-zFaeukqp6oWCCb8SMSkxRGcZT3whSt45TJJj3gQyfr5cu6C9AmPzZriRDzO0hRzbg0ZiGZWXfnoCPQwtPvtw9WXA/w300/12.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4aa828e822318e761f27fd9a9ad4d5379f4db1f018a2a3974b19097a4106439d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bc"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="12.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10619
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 6.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhBJftc9ZiQKZ7g5n4VSK0NrJoZN8IMKR_fzZX6L4CR3j-l7pc832RhfE51CD2klV7lnhNc7iw7AzuTRJC3ozwag5xTQ-MbopcHkaJuuJIxNit_8RJqEhC33vbt_-0y67aWq2-u6DuD9xryTZ9... 12 KB
13 KB 355ms
354ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhBJftc9ZiQKZ7g5n4VSK0NrJoZN8IMKR_fzZX6L4CR3j-l7pc832RhfE51CD2klV7lnhNc7iw7AzuTRJC3ozwag5xTQ-MbopcHkaJuuJIxNit_8RJqEhC33vbt_-0y67aWq2-u6DuD9xryTZ9_Va4FcyPjhIN949CKVwIMg9-HefbyE_yGUpIzX2r/w300/6.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

136b905622a1b3eb6896ccc85b31fd621d8241d9700955c10fd350fe0b4d31d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12725
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjghEK2RpWabiGJGB5zszVmEmBnyrDKzBH07BIhwaFYVY8u20zW3_JISfYbEnGXtd3zQzIVr9P3fTBWbCdXuiCmACSDqFHPMn64pN2GqtSQLgUZBi1Vqi8Yx0RCBhYoCHkKjdg10p0kZNwkMBXy... 11 KB
11 KB 410ms
409ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjghEK2RpWabiGJGB5zszVmEmBnyrDKzBH07BIhwaFYVY8u20zW3_JISfYbEnGXtd3zQzIVr9P3fTBWbCdXuiCmACSDqFHPMn64pN2GqtSQLgUZBi1Vqi8Yx0RCBhYoCHkKjdg10p0kZNwkMBXyt9U4HaO9pS2D2CJHqNMHs1y7HJumcK4PhzRnGrYG/w300/2.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6be41599b415300e4e5dfdb3c50d390c6acf888f2373860e2c8e555ff542941f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:14 GMT

GET
H2 200 cookienotice.js Show response
www.antihoax.eu.org/js/ 6 KB
2 KB 34ms
33ms Script
text/javascript 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.antihoax.eu.org/js/cookienotice.js

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 15:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Sep 2022 16:52:14 GMT

GET
H2 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
155 KB 114ms
23ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
x-content-type-options: nosniff
age: 1566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157917
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H2 200 yxpup.js Show response
o-oo.ooo/js/ 86 KB
31 KB 120ms
34ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://o-oo.ooo/js/yxpup.js
Requested by: Host: vdbaa.com
URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=737457&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 0a0e8af7418e275aa4ff02da453731a8d58c2e453f615f5e46d97d2a1c4b6aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 07:40:48 GMT
server: nginx
etag: W/"62d7b180-15963"
content-type: application/javascript

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 458ms
458ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8540763992246928234&zx=ef2e66ad-1dbf-482c-918e-5e60b7a34e6e

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
server: GSE
date: Fri, 09 Sep 2022 16:52:14 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner_show.php Show response
udbaa.com/ Frame B607 1 KB
2 KB 87ms
86ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/banner_show.php?section=R&pub=737457&format=120x600&ga=g&slider=91c33f742989f55a23329affe622ed66
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: f2cc6c2c9b9c29af21039c6511184a7d8aec7fb359c9b98a1bf828545881a8e2

Request headers

Referer: https://www.antihoax.eu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:52:14 GMT
expires: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 but_close.png
ylx-i.advertica-cdn2.com/ 664 B
922 B 234ms
36ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: gzip
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
server: nginx
etag: W/"511166af-298"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:52:14 GMT

GET
H2 200 show.php Show response
udbaa.com/ Frame E336 2 KB
2 KB 44ms
44ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Requested by: Host: udbaa.com
URL: https://udbaa.com/banner_show.php?section=R&pub=737457&format=120x600&ga=g&slider=91c33f742989f55a23329affe622ed66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: d5de5c177c17e0528d5d9a450a30cfd19ef118e415a63004d204b91139c868b4

Request headers

Referer: https://udbaa.com/banner_show.php?section=R&pub=737457&format=120x600&ga=g&slider=91c33f742989f55a23329affe622ed66
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:52:14 GMT
expires: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
ebaaa.xyz/1ccf616e0b/c3706a2c96/ Frame E336 1 KB
950 B 126ms
36ms Script
application/javascript 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCpkripZCACZrGNrrpNZrjNZxCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_26542&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.8 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.8.skhosting.eu
Software: nginx /
Resource Hash: d26f6bb805a4f156e9cdb85c76336d57a36e6006ae91dc8a967ac5e3d7f032eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_93xzfo.png
ylx-i.advertica-cdn2.com/aff/ Frame E336 25 KB
25 KB 89ms
72ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_93xzfo.png?1480419357
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:57 GMT
server: nginx
etag: W/"583d681d-6389"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:52:14 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame E336 2 KB
1 KB 91ms
74ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:52:14 GMT

GET
H2 200 /
udbaa.com/trk/ Frame E336 43 B
268 B 49ms
49ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?bd50eba394496687f85a4c0c8863326b
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u88591662742334=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGUxMTM0MWVhNTFkYzVmOWRkMzM3YTY3NWEzNzMyZGU=&u=737457&si=464641917&di=45557528&ci=16&h=bd50eba394496687f85a4c0c8863326b&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:52:14 GMT
last-modified: Fri, 09 Sep 2022 16:52:14 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
ebaaa.xyz/1ccf616e0b/c3706a2c96/ Frame 4C46 112 KB
72 KB 88ms
88ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCpkripZCACZrGNrrpNZrjNZxCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_26542&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=808797072143&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0=
Requested by: Host: ebaaa.xyz
URL: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCpkripZCACZrGNrrpNZrjNZxCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_26542&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_87224353b124b86548fb75dfdf25e85f00a0c_2633176_1662742334.6564_99462&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.8 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.8.skhosting.eu
Software: nginx /
Resource Hash: e96fddc5de2820688367c278ed492042d8d279216c80d8e105cf88d057ec7c01

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:52:14 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

GET
DATA 200
OK truncated
/ Frame 4C46 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4C46 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Primary Request asuransi-cigna-penipuan.html Show response
www.infonebanten.my.id/2022/09/ 182 KB
39 KB 896ms
176ms Document
text/html 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e174c29106250d2e1a7af2cc2c8f2f97d88356032682228e669d04750a0aaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.antihoax.eu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 39684
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:52:15 GMT
etag: W/"f59dd8d6e354b49f3dc26dea92520ceeb1fb29673ca704d8029d8ede6a2df015"
expires: Fri, 09 Sep 2022 16:52:15 GMT
last-modified: Fri, 09 Sep 2022 16:33:34 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 154ms
73ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24932e08fcf036d873e8c1051b29c37b8f0678a0e4310561542b133c9e57140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57512
x-xss-protection: 0
server: cafe
etag: 3230959025299197902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:52:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 91ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237981127-1

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16b9972304c9e2af2d703376c4e1d9e377bcad1b5a0939b2641158230b236ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41971
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Sep 2022 16:52:16 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 111ms
41ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
age: 16082647
etag: W/"a28e912c1a41becec7f68848d739d5c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 74816ef0fb369b95-FRA
x-amz-request-id: 690K1YJKZW3E92X1
x-amz-id-2: JDWnCILr6aToREGjQmSiOog6xdlmNOhd1ReMP/6txS+7Ba0cOLuCFkeFnGcIGhl1Sz6Q7tNPzfc=

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 131ms
21ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 09 Sep 2022 16:52:16 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 154ms
103ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030a6dcf814854e32ee142bbd4eae9c47b4ee623eb0e31185b3ec4ce1bf43762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57531
x-xss-protection: 0
server: cafe
etag: 2309737332159459894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:52:16 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 123ms
121ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4645151496582844783&zx=a8e39b32-b2ae-4b91-9fdd-c9bdb71a4bcc

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:52:16 GMT
server: GSE
date: Fri, 09 Sep 2022 16:52:16 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m.js Show response
ljii.github.io/m/ 1 KB
1 KB 129ms
40ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ljii.github.io/m/m.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

c0d9fd1bfddc007e2f2bc3d190d17d142a600a6f963ef4ff6e26cc50c5df4bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-fastly-request-id: 8ad211fb86b5c9fdf1352b8a4bb3f08157ed52b4
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"63186898-45d"
age: 472
x-cache: HIT
content-length: 609
x-served-by: cache-ams21030-AMS
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 09:47:04 GMT
server: GitHub.com
x-github-request-id: 7E86:E949:CA8FF:CFC51:631868BA
x-timer: S1662742336.292718,VS0,VE1
date: Fri, 09 Sep 2022 16:52:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 07 Sep 2022 09:57:36 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

GET
H3 200 Fbw5CvJUsAAWEMp.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0... 32 KB
32 KB 415ms
366ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0ngglwZYODU6WOcE_53TIkZ6ZCX2jk7ivH6Zkf_yV/w301-h400/Fbw5CvJUsAAWEMp.jpg

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bd5bdfa8634ec0d60a77535f55cb94db515dcb3f5c9c89747ae90182d2ed736e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Fbw5CvJUsAAWEMp.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33221
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:16 GMT

GET
H3 200 3262169375-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6499
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 84ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3185162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sO0YIC8JRMbWLk2osSgC1O4DWwpNd24P6XBh%2FLkSTfeJl%2BFcyAbo6OJmXlNEEbvrKC2uwesI2g3QAw5uwODG2hUSFaCkPEKJs1WHIzkndsBvZyukohwoYvxLGWRkB%2BV30oO5L%2FxQ8ZhtCOtdFzhEC6E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74816ef25e815c62-FRA
expires: Wed, 30 Aug 2023 16:52:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 92ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237981127-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6616
date: Fri, 09 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 09 Sep 2022 17:02:00 GMT

GET
H2 200 cookienotice.js Show response
www.infonebanten.my.id/js/ 6 KB
2 KB 34ms
31ms Script
text/javascript 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infonebanten.my.id/js/cookienotice.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 15:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Sep 2022 16:52:16 GMT

GET
H3 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
x-content-type-options: nosniff
age: 1568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157917
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 345 KB
121 KB 130ms
81ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4202890101473870&plah=www.infonebanten.my.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124232
x-xss-protection: 0
server: cafe
etag: 2742981689124652378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:52:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame BD15 10 KB
5 KB 77ms
23ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 17:55:07 GMT
etag: 8616628553774171045
expires: Thu, 22 Sep 2022 17:55:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 82ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 09:00:29 GMT
x-content-type-options: nosniff
age: 201107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:38:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 09:00:29 GMT

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 165 KB
165 KB 573ms
524ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: EKJ6NKZR9RYTP4SV
content-length: 168768
x-amz-id-2: 60+d0LmQtNxblOYzVj4N66EZzRhcpHJwzxJmA747CM6Ky0DHBSJTXqbzkp8VbHfndkZVLqSj84E=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74816ef25c449975-FRA

GET
H2 200 6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 65ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:38:21 GMT
x-content-type-options: nosniff
age: 33235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 09 Sep 2023 07:38:21 GMT

GET json.gp
www.geoplugin.net/ 0
0

GET
H2 200 l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/ 18 KB
18 KB 308ms
59ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
server: nginx
etag: "e2418760f00448874f89ae40256bf9d1d180c197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512

GET
H3 200 4645151496582844783
www.blogger.com/comment/frame/ Frame 8AD2 45 KB
0 58ms
57ms Document
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-ZlS6h4U2TpM5IybQQOcwdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-ZlS6h4U2TpM5IybQQOcwdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
75 KB 397ms
397ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: EKJ98HT0ENGMY9NZ
content-length: 76740
x-amz-id-2: flYQ8eGYfbyW4lltvYF9b7kFLKd9Qlh3vruu4ic72EpS0vn6PZpbjdWrXBYOle/q9fzGtWlW/6Y=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "0511670fe2f5405105a6760294c5c51d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74816ef26c649975-FRA

GET
H2 200 l
use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/ 18 KB
18 KB 223ms
65ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 562d57eeeab997966c8fbcdeddabca46c21bad20ee3091b39990923a4d434398

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
server: nginx
etag: "6a1b2c6b2a7103117fa02281727f5fc20dc57661"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18424

POST cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 8AD2 0
0

GET m=_b,_tp,_r
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=6gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP1MmdJVso1NX3PA2PwIFtecvZme5A/ Frame 8AD2 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 77ms
29ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=800972838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&dr=https%3A%2F%2Fwww.antihoax.eu.org%2F&ul=en-us&de=UTF-8&dt=Asuransi%20Cigna%20Penipuan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1608211101&gjid=80662761&cid=47743913.1662742344&tid=UA-237981127-1&_gid=1046895163.1662742344&_r=1&gtm=2ou970&z=822183956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infonebanten.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:52:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.infonebanten.my.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 439ms
438ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4645151496582844783&zx=a8e39b32-b2ae-4b91-9fdd-c9bdb71a4bcc

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:52:16 GMT
server: GSE
date: Fri, 09 Sep 2022 16:52:16 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4645151496582844783 Show response
www.blogger.com/comment/frame/ Frame 5433 73 KB
18 KB 71ms
71ms Document
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57c0dcb732f5d3f9ec5d257aa6fe88808b26d38bb63592064d3de2379875d469

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-y2HBgpsDOs2uF1CxEy1eLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-y2HBgpsDOs2uF1CxEy1eLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 avatar.jpg
4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w29-h29-p-k-no-nu/ 586 B
714 B 78ms
24ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w29-h29-p-k-no-nu/avatar.jpg

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00346c05e34ea5f5b3f4f14f2b7788c0e7edc734a77b9b98d8c53db8f66e8513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:40:14 GMT
x-content-type-options: nosniff
age: 722
content-disposition: inline;filename="avatar.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 0
server: fife
etag: "v85e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:00:05 GMT

GET
H3 200 Fbw5CvJUsAAWEMp.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0... 4 KB
4 KB 399ms
398ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cf8916ecba2ef756099d2940f30210ed53e63ae1a885130683e75909d7c3e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Fbw5CvJUsAAWEMp.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3873
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:52:16 GMT

GET
H2 200 nth-ify.png
4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w108-h72-p-k-no-nu/ 858 B
1 KB 77ms
23ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w108-h72-p-k-no-nu/nth-ify.png

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78b93b31063c4d239c9139bd0ad0e3ef7a700c12ba47e9fe60db64f373c4aae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 14:15:50 GMT
x-content-type-options: nosniff
age: 9386
content-disposition: inline;filename="nth-ify.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 858
x-xss-protection: 0
server: fife
etag: "v638"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 11:22:07 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 5433 0
27 B 53ms
52ms Other
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ev3OP9xchVmBnWiYE2OPag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
x-frame-options: SAMEORIGIN
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-Ev3OP9xchVmBnWiYE2OPag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3fEDhndGAnlSOuRpNv58qKWJDeAw/ Frame 5433 175 KB
62 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3fEDhndGAnlSOuRpNv58qKWJDeAw/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=4790039

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee30b423c05ac44731e79e56374c431cea58e08ed7afb1fb7960488120a4322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63158
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 05:30:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 85ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.infonebanten.my.id&callback=_gfp_s_&client=ca-pub-4202890101473870

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4202890101473870&plah=www.infonebanten.my.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 83ms
30ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 88ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9342 20 KB
5 KB 167ms
122ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&adk=1812271804&adf=3025194257&lmt=1662741214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343526&bpp=33&bdt=210&idt=312&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5421294340376&frm=20&pv=2&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a82f39ec531c7249ec70d89eada8f144b39bf85ede540031ad9875774cf3821a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Fri, 09 Sep 2022 16:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6332 436 B
236 B 394ms
361ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=8969363499&adk=2761282531&adf=1983417940&pi=t.ma~as.8969363499&w=1058&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=1058x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343559&bpp=9&bdt=243&idt=305&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NY3zPmhou6&p=https%3A//www.infonebanten.my.id&dtd=310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1216df04db44909629f45254befb5d4ba487a8414e2569cb548ce0399e057e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Fri, 09 Sep 2022 16:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9BB 436 B
235 B 369ms
342ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=1411217929&adk=188241918&adf=2773139456&pi=t.ma~as.1411217929&w=728&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343601&bpp=5&bdt=285&idt=272&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZJ8ZudB7L3&p=https%3A//www.infonebanten.my.id&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d5e594272184ec97042986dd611050c9cd6bb7a828f4643103504d74c0c749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Fri, 09 Sep 2022 16:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD84 436 B
235 B 248ms
226ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=6304721807&adk=1151473238&adf=2319056852&pi=t.ma~as.6304721807&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742343606&bpp=2&bdt=290&idt=272&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280&nras=1&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=txHyWGn822&p=https%3A//www.infonebanten.my.id&dtd=275

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab75fcd76961dfb3546af348e6f5b22a520f9bb901678f4b09a535574191551c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Fri, 09 Sep 2022 16:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformif... Frame 5433 282 KB
100 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0fTNonw2IecYg0qPy_DB7tVuoP2g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=4gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3fEDhndGAnlSOuRpNv58qKWJDeAw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36ec61974a9615a02983bc6003de6a93f0ba3d665c99c99320db10fab577902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102323
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:58 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRi... Frame 5433 6 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0fTNonw2IecYg0qPy_DB7tVuoP2g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e01199aab38fbfbf8d44284e7973f8789d99faa40bf00d47ef6be2bfe2ee79d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2801
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:13:38 GMT

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 5433 74 KB
25 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0fTNonw2IecYg0qPy_DB7tVuoP2g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4aa53396a5b9ef1fe7f7b5089984225b76cc25f6352a0efb488cb385ce1e971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25871
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 81ms
34ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 74ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD15 436 B
237 B 533ms
532ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=1041204077&pi=t.aa~a.1381849204~i.7~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=756&idt=-M&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182&nras=2&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Imi4Y7pmYk&p=https%3A//www.infonebanten.my.id&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6135f8b9a7fb52f9e4891847a8ed59d1559feab8ea8e40eea2cf5aa4705ec65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:17 GMT
expires: Fri, 09 Sep 2022 16:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 911B 436 B
236 B 158ms
157ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3131877929&pi=t.aa~a.1381849204~i.11~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=757&idt=-M&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x280&nras=3&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=zCFLDBMYMr&p=https%3A//www.infonebanten.my.id&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85db65c55330fe7affce39c6884f30cb10b5845de3cf78fa7da318ce1b32c917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:16 GMT
expires: Fri, 09 Sep 2022 16:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FE1 436 B
236 B 253ms
253ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=90&adk=1064055001&adf=3179669750&pi=t.aa~a.1381849204~i.17~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=0&ad_type=text_image&format=728x90&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742344073&bpp=1&bdt=756&idt=1&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x280%2C728x280&nras=4&correlator=5421294340376&frm=20&pv=1&ga_vid=47743913.1662742344&ga_sid=1662742344&ga_hid=800972838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3855503869508183&tmod=970314553&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=eXtj67PspD&p=https%3A//www.infonebanten.my.id&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b84a21c0d52a1daf2c0b98f70dbecf70dad030b8aa8d46a433e33578a381dbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:17 GMT
expires: Fri, 09 Sep 2022 16:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 5433 1 KB
702 B 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0fTNonw2IecYg0qPy_DB7tVuoP2g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13147fbd2f77826f658f3a10622f0e15d0cf8420ee9579d2afeb103182591b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 673
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:50 GMT

POST
H2 200 log Show response
play.google.com/ Frame 5433 131 B
672 B 264ms
58ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 09 Sep 2022 16:52:17 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 09 Sep 2022 16:52:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 5433 1 KB
1 KB 225ms
31ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=4gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0fTNonw2IecYg0qPy_DB7tVuoP2g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b12abad86f96e2ffe9a00a1ca10f94999cc6f9abb4344d9c16af259e465aedc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 1; mode=block
expires: Fri, 09 Sep 2022 16:52:17 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame 5433 392 KB
157 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 16:19:38 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D072 42 KB
22 KB 94ms
44ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=emtc2apfyu81

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

179af1f7bb4ff8596a4bcefdc4de9456ad42f2b43b59377692643190d367268a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1RmulPufov_WHmwhVIdFQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21992
content-security-policy: script-src 'report-sample' 'nonce-1RmulPufov_WHmwhVIdFQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame D072 52 KB
24 KB 66ms
21ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=emtc2apfyu81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 14:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 14:38:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame D072 392 KB
156 KB 77ms
33ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 16:19:38 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D072 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 76328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Sep 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D072 15 KB
15 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 279252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D072 15 KB
15 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 251549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D072 102 B
134 B 32ms
32ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=emtc2apfyu81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 09 Sep 2022 16:52:17 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame E505 0
28 B 45ms
44ms Other
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dXYVPpiuC2S2slFLwW35SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Sep 2022 16:52:17 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-dXYVPpiuC2S2slFLwW35SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3523451998-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3523451998-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 23:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 01:13:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 23:19:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 118ms
71ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51f76304db20759bff34dcdfe0e8aad0ebc2da2cdb4f1f24ea0cea4d396bb2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11052
x-xss-protection: 0

GET
H3 200 3304157118-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 367 KB
368 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3304157118-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7662448ba6067f51224370d99ef4bc77addbfa0e4539f3ba74cc60ed090d027e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 01:52:54 GMT
x-content-type-options: nosniff
age: 140363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376269
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 01:52:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Sep 2022 16:52:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6843 13 KB
5 KB 230ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 14:57:52 GMT
expires: Sat, 09 Sep 2023 14:57:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0A4 783 B
534 B 33ms
32ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6feb6a494c2793e31a6314b5b5152e6a9ab11421318ebadc600748e9977e78a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b9oeTO5o_C4yXXhw6Lzobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-b9oeTO5o_C4yXXhw6Lzobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:52:17 GMT
expires: Fri, 09 Sep 2022 16:52:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0A4 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=3855503869508183&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6843 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 09:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 09:39:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6843 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tj9epA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:52:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=3855503869508183&bg=!YGOlYyfNAAZTikH4c4o7ACkAdvg8WrmDq1F3p8-I3Tx0x-8JwebzywUKyi02D4yojYcLxX716eAHPAIAAACOUgAAAAJoAQeZAuX5AlruAaNsDPx5WWwo4t6Rinzp31Kz0SJSJdh6__ieWYz8uvZiuM6U-KF_lxntwL9_GjlQAk9y3zhZBBxu1NDL8TpKYKq5qz0npq96L4_i6kB8Liq9QImNAeRni-_D-XHwP5HhWAO5LakGFLj0HEO2cKe-sjx7Sf1mxqkxhorL9ya4Wqs60nm9LeEVWM97V_csoDgKAmITQ5D3pbVg72zY3-4N330C_oL64BLuB866pJonkkEdK4QVcHiFUs8ci4xMLNPqOgLbDQJJFPPlvRwb1AJcjZjyBSSOj5wJ183sfE_CXFOkJ3xMEz0oG2X1joFC4aS4We7NMRHIo00-YjTnJAtO1SB_rOZw9IRYfuJE-Wzos9njv3VYokV0IpxwThysdY525ANoY9HSUS03hM16_2_riA5ZKUEfS_QMgpRJjvdctCiywjX-xOjwi21cAIJ3Si5-2SGpsydBSQt51Lwt8QvBubEc_s3dflJE7DmEvlPgHzNkW_033YbbjWdvpt1SypuALqKfbSWm4-vOXA-cxAbhkR_IqxpZ5knLH72EzOwG7IIyLXQeWgTijYj9EjYMuRyyPcnzGZjTfqM0XH0os3jJdct5Q_yYTLsxI_rGV3P754Y3zV1SGU65Ca9pvSIjFb00j5Gw2n0Tp63zxtsX0tVMWYl7aTs82yhbQ1MI_2QaQqaY8K0AKYVfdsMBFOJMJxBDgmNVWHuNTecxV08loYAZnrCh68LYLcfNoRqaiaIk3Uo91zxkhtZ92ongJvbeVEMN0QaS9yw7bJevZNwRnU-oqekZy5D7bDM7w3KLVkjlMcMNDhP887aBmazFshREyCLPDXbRV_uwm6hU1EcaEii63lWiCwTi8AJCMTvzHVZ760zHW28Hyda5FzNKdAcav1eozRDuIJZjeOPqFooRC3gN9JBTE9c-dHv3wKT4jSimMNc3iYuhnmBPvRPgTjTkLYhEj7e8yf13x-CnfsEGrP2mjfc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.geoplugin.net
URL: http://www.geoplugin.net/json.gp

Domain: www.blogger.com
URL: https://www.blogger.com/_/BloggerCommentUi/cspreport

Domain: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=6gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP1MmdJVso1NX3PA2PwIFtecvZme5A/m=_b,_tp,_r

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.udbaa.com/	1970-01-20 05:53:02	Name: used_ad2633176 Value: 1
.udbaa.com/	1970-01-20 05:53:02	Name: total_impressions Value: 1
.udbaa.com/	1970-01-20 06:35:34	Name: cpa_673873 Value: 120x600_464641917_5
.infonebanten.my.id/	1970-01-20 15:28:22	Name: _ga Value: GA1.3.47743913.1662742344
.infonebanten.my.id/	1970-01-20 05:53:48	Name: _gid Value: GA1.3.1046895163.1662742344
.infonebanten.my.id/	1970-01-20 05:52:22	Name: _gat_gtag_UA_237981127_1 Value: 1
.doubleclick.net/	1970-01-20 15:13:58	Name: IDE Value: AHWqTUkLVHVXZWy3YEylqSaToCz2tsYK4-ej_XdLq-wWnzCG5awAeKbWVmmzYWuWbDI

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://ljii.github.io/m/m.js(Line 4) Message: Mixed Content: The page at 'https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html' was loaded over HTTPS, but requested an insecure resource 'http://www.geoplugin.net/json.gp'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
adservice.google.com
adservice.google.de
antihoax.eu.org
blogger.googleusercontent.com
cdn0-production-images-kly.akamaized.net
cdnjs.cloudflare.com
ebaaa.xyz
fonts.gstatic.com
googleads.g.doubleclick.net
ljii.github.io
makintahu.com
o-oo.ooo
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
pro.fontawesome.com
res.cloudinary.com
tpc.googlesyndication.com
udbaa.com
use.typekit.net
vdbaa.com
www.antihoax.eu.org
www.blogger.com
www.geoplugin.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.infonebanten.my.id
www.makintahu.com
ylx-i.advertica-cdn2.com
www.blogger.com
www.geoplugin.net
185.66.200.127
185.66.200.220
185.66.201.42
185.66.201.8
216.239.36.21
23.48.23.22
2606:4700::6811:190e
2606:4700::6812:1734
2606:50c0:8000::153
2a00:1450:4001:800::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:806::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2009
2a00:1450:400e:810::2013
2a02:26f0:10e::6860:5bb2
2a02:26f0:3500:16::215:1495
2a04:4e42:200::393
2a06:98c1:3121::3
2a06:98c1:3121::c
00346c05e34ea5f5b3f4f14f2b7788c0e7edc734a77b9b98d8c53db8f66e8513
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
030a6dcf814854e32ee142bbd4eae9c47b4ee623eb0e31185b3ec4ce1bf43762
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0a0e8af7418e275aa4ff02da453731a8d58c2e453f615f5e46d97d2a1c4b6aa6
1216df04db44909629f45254befb5d4ba487a8414e2569cb548ce0399e057e1b
136b905622a1b3eb6896ccc85b31fd621d8241d9700955c10fd350fe0b4d31d6
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
16b9972304c9e2af2d703376c4e1d9e377bcad1b5a0939b2641158230b236ed3
179af1f7bb4ff8596a4bcefdc4de9456ad42f2b43b59377692643190d367268a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
2c25ce1ea0c582e2ff7d4760f3500c1bf9988b6c8a58a2c3aba715189befb76f
2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479
31494a6134eeec56957934645f6d5636eb2d689250d29d541b9c75e8ad1240ad
3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4aa828e822318e761f27fd9a9ad4d5379f4db1f018a2a3974b19097a4106439d
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e174c29106250d2e1a7af2cc2c8f2f97d88356032682228e669d04750a0aaa5
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51f76304db20759bff34dcdfe0e8aad0ebc2da2cdb4f1f24ea0cea4d396bb2ea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562d57eeeab997966c8fbcdeddabca46c21bad20ee3091b39990923a4d434398
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
57c0dcb732f5d3f9ec5d257aa6fe88808b26d38bb63592064d3de2379875d469
5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6135f8b9a7fb52f9e4891847a8ed59d1559feab8ea8e40eea2cf5aa4705ec65a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69d5e594272184ec97042986dd611050c9cd6bb7a828f4643103504d74c0c749
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be41599b415300e4e5dfdb3c50d390c6acf888f2373860e2c8e555ff542941f
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6feb6a494c2793e31a6314b5b5152e6a9ab11421318ebadc600748e9977e78a8
7662448ba6067f51224370d99ef4bc77addbfa0e4539f3ba74cc60ed090d027e
78b93b31063c4d239c9139bd0ad0e3ef7a700c12ba47e9fe60db64f373c4aae2
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
85db65c55330fe7affce39c6884f30cb10b5845de3cf78fa7da318ce1b32c917
8aa807435d2930ada74e3d8ee6ad0a61080e3d5db69906fe4f603890c548d7eb
8cf8916ecba2ef756099d2940f30210ed53e63ae1a885130683e75909d7c3e2c
99068357b8c8884b73d76f8554ae6a03af947e8c35d46fcddf1b1036d9ab737e
9b3da44d857203f85057f23eb25629c3c39344d3486fef9c66b6ee96b4e7667d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36ec61974a9615a02983bc6003de6a93f0ba3d665c99c99320db10fab577902
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a82f39ec531c7249ec70d89eada8f144b39bf85ede540031ad9875774cf3821a
a9099ab8b1851f4f073b6f50d3abd2c1010343c68642847219603cb3c4e82c43
a9329247d7579fbe9c42373eaa6b664b6832a14c8ed3556f31913e0d556d7401
ab75fcd76961dfb3546af348e6f5b22a520f9bb901678f4b09a535574191551c
aee30b423c05ac44731e79e56374c431cea58e08ed7afb1fb7960488120a4322
b12abad86f96e2ffe9a00a1ca10f94999cc6f9abb4344d9c16af259e465aedc9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4aa53396a5b9ef1fe7f7b5089984225b76cc25f6352a0efb488cb385ce1e971
b84a21c0d52a1daf2c0b98f70dbecf70dad030b8aa8d46a433e33578a381dbc8
bd5bdfa8634ec0d60a77535f55cb94db515dcb3f5c9c89747ae90182d2ed736e
c0d9fd1bfddc007e2f2bc3d190d17d142a600a6f963ef4ff6e26cc50c5df4bc0
c24932e08fcf036d873e8c1051b29c37b8f0678a0e4310561542b133c9e57140
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
d26f6bb805a4f156e9cdb85c76336d57a36e6006ae91dc8a967ac5e3d7f032eb
d5de5c177c17e0528d5d9a450a30cfd19ef118e415a63004d204b91139c868b4
d63f3758eebeaba0dd4675178267fbfa47a2398ca687fca6f96f9c7d55cc07ee
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
da5bf7ece2deb365b2588d498fbda7e3bd194cc4d486719f09e220dc07a90241
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e01199aab38fbfbf8d44284e7973f8789d99faa40bf00d47ef6be2bfe2ee79d3
e13147fbd2f77826f658f3a10622f0e15d0cf8420ee9579d2afeb103182591b1
e21a02db9aeb3422f7196956e7ac513ce6cb6d65e9ea370f7a2a16b5f34f5388
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96fddc5de2820688367c278ed492042d8d279216c80d8e105cf88d057ec7c01
edbe2344be729226132e108cb538f4d34b1db8090504a666f911fdc457461026
f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b
f2cc6c2c9b9c29af21039c6511184a7d8aec7fb359c9b98a1bf828545881a8e2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcf69aac3dffa69e958c409a7c3572efab488fa404e70acc312d647728d3eed0

www.infonebanten.my.id Open in urlscan Pro 2a00:1450:400e:810::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

96 %HTTPS

79 %IPv6

26 Domains

33 Subdomains

28 IPs

5 Countries

2450 kBTransfer

4690 kBSize

7 Cookies

8 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infonebanten.my.id Open in urlscan Pro
2a00:1450:400e:810::2013 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

96 %
HTTPS

79 %
IPv6

26
Domains

33
Subdomains

28
IPs

5
Countries

2450 kB
Transfer

4690 kB
Size

7
Cookies

101 HTTP transactions
2 data transactions