URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Submission: On September 30 via api from US — Scanned from DE

Summary

This website contacted 93 IPs in 12 countries across 70 domains to perform 368 HTTP transactions. The main IP is 13.226.145.117, located in United States and belongs to AMAZON-02, US. The main domain is tekno.kompas.com.
TLS certificate: Issued by Amazon on May 3rd 2021. Valid for: a year.
This is the only time tekno.kompas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
googleads.g.doubleclick.net
adssettings.google.com

This page contains 24 frames:



Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 368
HTTPS: 92 %
IPv6: 0 %
Domains: 70
Subdomains: 134
IPs: 93
Countries: 12
Transfer: 3297 kB
Size: 8535 kB
Cookies: 120

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/2acc6155-b9d9-4f00-8b82-54efb9736122 HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/2acc6155-b9d9-4f00-8b82-54efb9736122 HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/2acc6155-b9d9-4f00-8b82-54efb9736122?zcc=1&dspret=0&cb=1633008089978 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=218003 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=218003&_test=YVW52QAFhMYMRQAT HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YVW52QAFhMYMRQAT?&siteId=218003&_test=YVW52QAFhMYMRQAT HTTP 302
  • https://sync.1rx.io/usersync/adobe/YVW52QAFhMYMRQAT?&siteId=218003&_test=YVW52QAFhMYMRQAT HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Request Chain 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1&siteId=218003 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189?zcc=1&dspret=0&cb=1633008089977 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
Request Chain 308
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east&siteId=218003 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
Request Chain 311
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25&siteId=218003 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/OZDgFO3iLEqe HTTP 302
  • https://sync.1rx.io/usersync/pulse/OZDgFO3iLEqe
Request Chain 312
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&siteId=218003 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Request Chain 313
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=218003 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=218003&_bee_ppp=1
Request Chain 314
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=218003 HTTP 302
  • https://sync.1rx.io/usersync/quantcast/GMxh2kzEMNYDmGHfTZx5ihvFYtkDmDWJTZs2YQ-q?gdpr=1
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc&siteId=218003 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm=&google_sc=&siteId=218003&google_tc= HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?siteId=218003&google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?siteId=218003&google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?zcc=1&dspret=0&cb=1633008089978 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Request Chain 330
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVW52St3tjXD6w0TxlUtZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENK7J1AHQo8CRylqOhYanrA&google_cver=1&gdpr=1
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVW52St3tjXD6w0TxlUtZwAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFUuFgV1L6a-61A1r6W3Z10&google_cver=1
Request Chain 336
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YVW52St3tjXD6w0TxlUtZwAA%261175 HTTP 302
  • https://sync.1rx.io/usersync/index/YVW52St3tjXD6w0TxlUtZwAA&1175 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Request Chain 355
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=SSzCCc9zWLpAAAZp0024&pi=mgid&tc=1
Request Chain 356
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5023935537043937&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 359
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8utYhj3TEl6 HTTP 302
  • https://pixel.advertising.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&apid=UP52eef6f6-21f1-11ec-94a3-0662f291b022
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDh1dFloajNURWw2&muidn=l8utYhj3TEl6 HTTP 302
  • https://cm.mgid.com/google?muidn=l8utYhj3TEl6&google_ula={guid},5&google_gid=CAESEBdUW3WLWOYIj3g8PgB9zNs&google_cver=1
Request Chain 362
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=bae09a2c-caaf-412a-aa09-7bfd359f3189&ttl=1635600090
Request Chain 366
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 373
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg3QTY2MUUtOUQ5Qy00RTg5LTk0RjUtNzA4RTNCRjExMEQ3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 374
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAvtELBjEaRVbipoZP8dvRU&google_cver=1
Request Chain 375
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

368 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
tekno.kompas.com/read/2021/09/30/14030047/
259 KB
43 KB
Document
General
Full URL
https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.117, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-117.dus51.r.cloudfront.net
Software
nginx
Resource Hash
d5d0d8c07a70637d67170786bac8c3944324a9fdbfeca47489cb6a936c056dce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
tekno.kompas.com
:scheme
https
:path
/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 30 Sep 2021 13:18:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-encoding
gzip
x-edge-origin-shield-skipped
0
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
DjnV5U_OgcITYHhz6vOb_JEs-3RWrViHXhRljZdMinqB4mbsWAF7Cg==
age
178
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.185.170, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF
Resource Hash
1c4eef698fad3e287afee66980e80c9999880d47912c3f5d56628a03e4e6ded6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 13:21:27 GMT
server
ESF
date
Thu, 30 Sep 2021 13:21:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 30 Sep 2021 13:21:27 GMT
j.php
dev.visualwebsiteoptimizer.com/
17 KB
6 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=547785&f=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
34.96.102.137, Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1
Resource Hash
bd9eb05d7887bcad7789c61cdbdc9e994aa6c5ecf44eca5c69bfd048b0ea0f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Sep 2021 13:21:27 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
kcm2017-article.min.css
asset.kompas.com/data/2017/wp/css/
181 KB
39 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2017/wp/css/kcm2017-article.min.css?v=136
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
f87b7349419f5a67e47e4039acd09f477a4836da92e9b0ab2c640a2e9b6cf688

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 08:07:59 GMT
content-encoding
gzip
age
882807
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Sep 2021 08:03:52 GMT
server
nginx
etag
W/"ead3defaf3626395657fa14b6d9954c6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
_a9Drd8dFfYu2YQwIPRC6jedpcbT.Bc1
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Tue, 20 Sep 2022 08:07:59 GMT
cache-control
max-age=31536000
x-amz-meta-s3b-last-modified
20210920T045541Z
x-amz-cf-pop
DUS51-C1
content-type
text/css
x-amz-cf-id
1aUAh7Uudlm1iSnS0tcnjrOCWwAURmLdtbnsqnyEyXpDPHO1d2Zqtg==
x-amz-meta-sha256
f87b7349419f5a67e47e4039acd09f477a4836da92e9b0ab2c640a2e9b6cf688
kcm2017-iconpack-article.min.css
asset.kompas.com/data/2017/wp/css/
21 KB
8 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2017/wp/css/kcm2017-iconpack-article.min.css?v=2
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
c826fd7425c5fd195e95bbf99c1d13f6cb2467af4bc130e3d233348e2d348004

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8ZWMqA9AX_3FkWJASl.bAoxmWgYf6qwH
content-encoding
gzip
etag
W/"9b7925188e2a9e58b8ad29b43672f4ea"
age
333606
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 19 Jan 2021 09:46:19 GMT
server
nginx
date
Sun, 26 Sep 2021 16:41:21 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
text/css
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
d01wB93Sf5b95GxtU2_bJOr-Ii7eaBp55NT-w1K2FUfrRAMybOdXJw==
expires
Mon, 26 Sep 2022 16:41:21 GMT
kcm2019-photo-article.min.css
asset.kompas.com/data/2017/wp/css/
32 KB
22 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2017/wp/css/kcm2019-photo-article.min.css?v=5
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
1f408da17d46506563eda5506bc190d4f490186de087590d682c3ccbd876c364

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 07:43:27 GMT
content-encoding
gzip
age
711480
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 22 Sep 2021 07:25:41 GMT
server
nginx
etag
W/"c70086a2809b88540e761df0a010d78a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
op1K4SAqbyfQVYCDHAeX.XwOAyeWwdEx
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 07:43:27 GMT
cache-control
max-age=31536000
x-amz-meta-s3b-last-modified
20210921T133154Z
x-amz-cf-pop
DUS51-C1
content-type
text/css
x-amz-cf-id
qckuA_AVk607zLkNG8KiQ7SNkPsvuWoYOcDA_2pbUZ5qnP9FIGgvOQ==
x-amz-meta-sha256
1f408da17d46506563eda5506bc190d4f490186de087590d682c3ccbd876c364
jquery-1.12.0.min.js
asset.kompas.com/data/2017/wp/js/
95 KB
34 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/jquery-1.12.0.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 23:50:29 GMT
content-encoding
gzip
age
912657
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"cbb11b58473b2d672f4ed53abbb67336"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
DwhE6yyPxTCPerruPort-165RHqgkVPWpJeQanG4_xs1W7blu7o-VQ==
expires
Mon, 19 Sep 2022 23:50:29 GMT
modernizr.custom.js
asset.kompas.com/data/2017/wp/js/
8 KB
4 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/modernizr.custom.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
15e3d2e4b0b2358a0edc941ce88a7e7142591c7e2ece6a479e03f54a3ef75222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 16:47:43 GMT
content-encoding
gzip
age
1024424
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"d73bb750efb0222082ce3c1e3339a0b6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
Apc0GjXIrHw7GYlocxRDt-xvaqg8umbbyBl8uuFBgiQU38Qk4mz9wA==
expires
Sun, 18 Sep 2022 16:47:43 GMT
jixietracker_2_1.min.js
scripts.jixie.io/
17 KB
7 KB
Script
General
Full URL
https://scripts.jixie.io/jixietracker_2_1.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.226, Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS
Software
Tengine
Resource Hash
f2147c044463e12d3de85d65c1ac2f1657758efd31f2cec50f160e1d4e635e7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:02:06 GMT
content-encoding
gzip
x-oss-request-id
6155B54E2FFB293737025711
content-md5
DMn5c524uzlCyU69UjelWg==
age
1162
x-cache
HIT TCP_MEM_HIT dirn:12:860227846
x-oss-cdn-auth
success
x-swift-cachetime
2591995
x-swift-savetime
Thu, 30 Sep 2021 13:02:11 GMT
content-length
6647
x-oss-object-type
Normal
last-modified
Thu, 30 Sep 2021 13:00:31 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1633006926
content-type
application/javascript
via
cache9.l2ot7-1[0,0,200-0,H], cache10.l2ot7-1[0,0], cache10.l2ot7-1[1,0], cache11.de3[0,0,200-0,H], cache13.de3[1,0]
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
3852087564331474291
eagleid
4f85b1a116330080883368866e
x-oss-server-time
1
gpt.js
securepubads.g.doubleclick.net/tag/js/
73 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.186.162, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe
Resource Hash
b09a1f303a8817ecc0d70ebed2e5324cdc71dd75dd7b452e08984b2dfb202440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1001 / 220 of 1000 / last-modified: 1632780739"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Sep 2021 13:21:27 GMT
prebid-unified.js
adsimg.kompas.com/html5/jixie/
257 KB
81 KB
Script
General
Full URL
https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.44, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-44.dus51.r.cloudfront.net
Software
nginx
Resource Hash
8c7a5e1fd7332d8f6d6773f401fc841d8239c8292e4b053a5d2ab226c7e81032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:20:54 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 07:22:39 GMT
server
nginx
age
2577633
etag
W/"6076983f-40219"
x-cache-status
EXPIRED
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ngmcc-3P_onohgxy20EVUAvSiyUekUR3MZ10uIdA8Bmbj3q5gALRxQ==
expires
Wed, 31 Aug 2022 17:20:54 GMT
kompas.com_desktop
delivery.r2b2.io/hb/kompasGramedia/
413 KB
117 KB
Script
General
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
195.181.174.7, Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB)
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo
Resource Hash
94982612e5f7d14427a02ea8167ab078f05250eb91307c1943d4aa835bdc33db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
gzip
x-77-nzt-ray
5uhFEBupgP8=
x-77-cache
HIT
x-cache
HIT
x-age
167
content-length
118989
x-77-nzt
AcO1rgUlJBPvpwAAAA==
x-accel-expires
@1633009720
adt-powered-by
slim
server
CDN77-Turbo
etag
dcd17dd7bd2daaa02ba1ffbac2c12379
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
f592773f-0b4f-4e7c-8cef-a1ca0bc0cec6
boot.pbstck.com/v1/tag/
1 KB
972 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/f592773f-0b4f-4e7c-8cef-a1ca0bc0cec6
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.67.25.151, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
ad66ca1ed99f81751a462a58408ec0d41c9dd4ad75e76ab3c475b330af4dada4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
696dc125281f4e32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo-kompascom-26.png
asset.kompas.com/data/2017/wp/images/ultah/
6 KB
7 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/ultah/logo-kompascom-26.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.226.145.91, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx
Resource Hash
48306f0f150a61653178a8e9fb516f18b28b6db34d4ba1e1f3e32ade0db77108

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:33 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1426194
x-amz-meta-sha256
48306f0f150a61653178a8e9fb516f18b28b6db34d4ba1e1f3e32ade0db77108
x-cache
Hit from cloudfront
content-length
6234
last-modified
Mon, 13 Sep 2021 03:48:45 GMT
server
nginx
etag
"eeaaa09a0e9ecb217cf3d225a5b5e889"
access-control-allow-methods
GET, OPTION
x-amz-version-id
AfeyWxWrqN.euyytkNDW5JnfKP65qFPZ
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 01:11:33 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
RzVhJLkM6lTR3FgEY2ocSBxapNI_gIQ7yJzY4NYY9oBfbQhNTtpJeQ==
x-amz-meta-s3b-last-modified
20210909T120034Z
gtm.js
www.googletagmanager.com/
462 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.186.168, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager
Resource Hash
958418d2756ad4c809f51c9b9fcd99986aa469b536425652138f2effb4c35864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89128
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Sep 2021 13:21:27 GMT
ultah26.css
asset.kompas.com/data/2017/wp/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2017/wp/css/ultah26.css
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a1a0e3a1a0516b12eddf6df9d12eb59f355ed9003e2516fc8b15747f565ba90a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:43 GMT
content-encoding
gzip
age
1426184
x-amz-meta-sha256
a1a0e3a1a0516b12eddf6df9d12eb59f355ed9003e2516fc8b15747f565ba90a
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 14 Sep 2021 01:06:56 GMT
server
nginx
etag
W/"fdd78f2670501e95a0bf20f9708e0c14"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
uVwQNG3jprgW8xsa94.P35W1Jzvi2MTK
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Wed, 14 Sep 2022 01:11:43 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
text/css
x-amz-cf-id
_304Nn13SfroxCMxZxH0ehLCZ0c42iG89UMuTm6G-XOgo7lVeYRltA==
x-amz-meta-s3b-last-modified
20210914T010619Z
ultah26-bird.png
asset.kompas.com/data/2017/wp/images/ultah/
2 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/ultah/ultah26-bird.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6c1be76425a049d127113d2963e7b5fde51239701153110a2c369d7222f78ea1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:45 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1426182
x-amz-meta-sha256
6c1be76425a049d127113d2963e7b5fde51239701153110a2c369d7222f78ea1
x-cache
Hit from cloudfront
content-length
1927
last-modified
Mon, 13 Sep 2021 05:36:48 GMT
server
nginx
etag
"387c3873da3c59fc25cb14e17329de57"
access-control-allow-methods
GET, OPTION
x-amz-version-id
2cghJrTrc63ZVtOUZybGelPbmPb_40cw
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 01:11:45 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
iD-9e5Tvzqh4Mnne6mkoyKHCIzkZnndXG2lKqQI3khG02NYR4cxOWA==
x-amz-meta-s3b-last-modified
20210910T162942Z
ultah26-kompascom.png
asset.kompas.com/data/2017/wp/images/ultah/
2 KB
3 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/ultah/ultah26-kompascom.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
93e06b09c44f909df88efa9d728f6ee379d938105cb33f32e0de145eb3b2772a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:45 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1426182
x-amz-meta-sha256
93e06b09c44f909df88efa9d728f6ee379d938105cb33f32e0de145eb3b2772a
x-cache
Hit from cloudfront
content-length
2472
last-modified
Mon, 13 Sep 2021 05:36:48 GMT
server
nginx
etag
"7a4c5a86b96b4be4d7bb92aa76da796d"
access-control-allow-methods
GET, OPTION
x-amz-version-id
9OeoR1jnC7wWrTppyseD7PN5cH5mgvlF
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 01:11:45 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
6admbfXH7QS9B7h7aWpzj5aYtMvexkj3gSUDqCMIZf4c9PvUwC6FAQ==
x-amz-meta-s3b-last-modified
20210910T133218Z
ultah26-logo.png
asset.kompas.com/data/2017/wp/images/ultah/
8 KB
9 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/ultah/ultah26-logo.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6e63ba5665cd0dee1efa420a8e38e465ff6920463bfd3f409c1721ec392ad54d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:45 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1426182
x-amz-meta-sha256
6e63ba5665cd0dee1efa420a8e38e465ff6920463bfd3f409c1721ec392ad54d
x-cache
Hit from cloudfront
content-length
8206
last-modified
Mon, 13 Sep 2021 05:36:48 GMT
server
nginx
etag
"fd531d01927f66df29f8b6bc8c6b25c9"
access-control-allow-methods
GET, OPTION
x-amz-version-id
2dcsN4oWtDwrUxfcJdNMSDhjGF9gGKyu
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 01:11:45 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
JjtwMFEf8tQGJXIQ2rTofVh0NDE40KbRVYqxNuVKGM_NFU1v6NRV7A==
x-amz-meta-s3b-last-modified
20210910T123658Z
ultah26-text.png
asset.kompas.com/data/2017/wp/images/ultah/
2 KB
3 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/ultah/ultah26-text.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ebe46d4727d4074fe9150b7265e2937f71af51883280583c25ea52a883500916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:11:45 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1426182
x-amz-meta-sha256
ebe46d4727d4074fe9150b7265e2937f71af51883280583c25ea52a883500916
x-cache
Hit from cloudfront
content-length
2513
last-modified
Mon, 13 Sep 2021 05:36:49 GMT
server
nginx
etag
"a8443dbbad421b453d98fc91ae16c900"
access-control-allow-methods
GET, OPTION
x-amz-version-id
ImamW6ojR40A34k8EcVLz7o8P0ufzH_u
access-control-allow-origin
*
expires
Wed, 14 Sep 2022 01:11:45 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Yb6NiNl06sLi3B2dADsBPTwRCRmxD3a5gR74NKvYYLo0rxYt-EAazA==
x-amz-meta-s3b-last-modified
20210910T140834Z
657640552.jpg
asset.kompas.com/crops/WqCp2dEKAcuvE2hX8Idswad-FEw=/0x0:1000x667/750x500/data/photo/2017/07/07/
43 KB
43 KB
Image
General
Full URL
https://asset.kompas.com/crops/WqCp2dEKAcuvE2hX8Idswad-FEw=/0x0:1000x667/750x500/data/photo/2017/07/07/657640552.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
1a550bffd5d373cd58ae259cb7cbc5a2755726278932f9b1a7a804d461bc889b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 07:23:53 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
21454
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
43888
server
nginx
etag
"c25b7c1ed6de085d7b2e90284ccb4ee236b6a9ed"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZcoZhyBZM4bqqtWTcu-ORlsZXPgjOotowh_-v-pcMmR5CTufkBiT9A==
expires
Fri, 30 Sep 2022 07:23:53 GMT
5edf1eeb9b98e.jpg
asset.kompas.com/crops/mnO2eS3C9KH71ysRyTNTSmXEcu0=/0x33:700x500/750x500/data/photo/2020/06/09/
60 KB
60 KB
Image
General
Full URL
https://asset.kompas.com/crops/mnO2eS3C9KH71ysRyTNTSmXEcu0=/0x33:700x500/750x500/data/photo/2020/06/09/5edf1eeb9b98e.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
73700447180edc12313306766f0817a8667bd9ceb232db402624ac70268b8b88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 07:20:56 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
21631
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
61192
server
nginx
etag
"8c1b68cb1e7be86dced93613209413806c1ad11f"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Zi4ylC9rfvMVltdE2XT-487sF90GsxAkuRpl8-Nqk-WX1XcwWBW76Q==
expires
Fri, 30 Sep 2022 07:20:56 GMT
jxosm.1.0.min.js
scripts.jixie.io/
51 KB
17 KB
Script
General
Full URL
https://scripts.jixie.io/jxosm.1.0.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c31867946bb800299b9ac99549ddbf91ef0541f0da11df818bb631b60d13fb28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 11:25:56 GMT
content-encoding
gzip
x-oss-request-id
6152FBC4D06C7B373929B981
content-md5
Qi6M6vTlBt+VrR2xqWQtTg==
age
179732
x-cache
HIT TCP_MEM_HIT dirn:12:319884231
x-oss-cdn-auth
success
x-swift-cachetime
2591991
x-swift-savetime
Tue, 28 Sep 2021 11:26:05 GMT
content-length
16584
x-oss-object-type
Normal
last-modified
Tue, 28 Sep 2021 11:22:54 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1632828356
content-type
application/javascript
via
cache15.l2de2[0,0,200-0,H], cache1.l2de2[1,0], cache1.l2de2[1,0], cache13.de3[0,0,200-0,H], cache13.de3[1,0]
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
11970172818298628092
eagleid
4f85b1a116330080883368867e
x-oss-server-time
0
logo-kompas-play.png
asset.kompas.com/data/2017/wp/images/info/
26 KB
26 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/wp/images/info/logo-kompas-play.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
48ccf4de53de559c0943ba8d0a0155c0fc939efb396c495ddd32d73327883797

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
XoJTA2G799oTTf6nj6avzbXBHJtEikAX
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
etag
"031fac4901315e28563f3cc04b89d96e"
age
208532
x-amz-meta-sha256
48ccf4de53de559c0943ba8d0a0155c0fc939efb396c495ddd32d73327883797
x-cache
Hit from cloudfront
content-length
26262
last-modified
Thu, 29 Jul 2021 03:16:58 GMT
server
nginx
date
Tue, 28 Sep 2021 03:25:55 GMT
access-control-allow-methods
GET, OPTION
content-type
image/png
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 03:25:55 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
4CNI06MesVr1r2k6OHSvlxCfohO1swo83KrewiS5u40qIoVprkaIqw==
x-amz-meta-s3b-last-modified
20210725T122550Z
loader.js
player.ivideosmart.com/ivsplayer/v4/dist/js/
8 KB
3 KB
Script
General
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR62-C4
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
2896
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Tue, 28 Sep 2021 04:58:50 GMT
Server
AmazonS3
ETag
W/"a13aa5b57d25ceda2ed7ea95f92c6a80"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
lTLXpiZ1EVi8uYm8srnAyZGVf4HMLCUrm5khk8yfRyfO6It7DdyZfA==
5fed8858023fa.jpeg
asset.kompas.com/crops/UQyJR60xwl4Xdbjp2FcpGos4wdo=/0x83:1000x750/100x100/data/photo/2020/12/31/
3 KB
3 KB
Image
General
Full URL
https://asset.kompas.com/crops/UQyJR60xwl4Xdbjp2FcpGos4wdo=/0x83:1000x750/100x100/data/photo/2020/12/31/5fed8858023fa.jpeg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
f5b456c1b901c3cf83c6d0157973030ad5eab5da9b4205b580af723c75206034

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:14:20 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
270427
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
2935
server
nginx
etag
"f8151c4149c23bd12c3be03756918f674d7cb170"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
aWiZrrx-FjsDkb-_wwDsWVVLczexPEmXI2FObXjZcEQQwkfI261qmw==
expires
Tue, 27 Sep 2022 10:14:20 GMT
5ec746d5589a1.jpg
asset.kompas.com/crops/F9oCG2x77Jgi8xM1XnMYDWbir08=/263x128:1080x673/100x100/data/photo/2020/05/22/
3 KB
3 KB
Image
General
Full URL
https://asset.kompas.com/crops/F9oCG2x77Jgi8xM1XnMYDWbir08=/263x128:1080x673/100x100/data/photo/2020/05/22/5ec746d5589a1.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
134434a83da00293a8ac1efb39bef2f026d08c4aaf8a93fce6ca10a791fbba74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
server
nginx
x-edge-origin-shield-skipped
0
etag
"1cb910be989affd49e84a9088221798772d6ca59"
x-cache-status
MISS
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Miss from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
2643
x-amz-cf-id
VY78N6DYFvap5tyRYjB4bTz1g5ljtf-a8iOeH1A71VGeMYTvtd1iYQ==
expires
Fri, 30 Sep 2022 13:21:30 GMT
5fad276a0ba02.jpg
asset.kompas.com/crops/XnUrscw8O19FitbWxYlShhyI02w=/0x0:1200x800/100x100/data/photo/2020/11/12/
2 KB
3 KB
Image
General
Full URL
https://asset.kompas.com/crops/XnUrscw8O19FitbWxYlShhyI02w=/0x0:1200x800/100x100/data/photo/2020/11/12/5fad276a0ba02.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
c560fc31525b02ad3ea6e1c0bd913e998225811cdea1621a5cdda5dab939791d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
server
nginx
x-edge-origin-shield-skipped
0
etag
"cc91c1720ef3c12d2c8d7bb7c4788e757244b5e0"
x-cache-status
MISS
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Miss from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
2290
x-amz-cf-id
1CHhBxhczHC54M9I1AgttouLNKyZS3U2EjpDkLXsp31S4OXSUOLAag==
expires
Fri, 30 Sep 2022 13:21:28 GMT
jixie-logo.png
asset.kompas.com/data/2017/widget/images/
2 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/widget/images/jixie-logo.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
28a756f6f166c2b3b1167df51592cc202232958b649cb97da2903d6cc31b1db3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 05:35:47 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
2360740
x-cache
Hit from cloudfront
content-length
1931
last-modified
Mon, 11 Feb 2019 12:34:21 GMT
server
nginx
etag
"3029b15ec1f9f41ab87f8b5f01783d5d"
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
E4nUaL_qTi7nhJYBnpvcEfHDkcIl-IeyADkN6bZYp2jp5uH-MQttwQ==
expires
Sat, 03 Sep 2022 05:35:47 GMT
postmessage-parent.js
asset.kompas.com/data/2017/wp/js/
560 B
1 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/postmessage-parent.js?v=4
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
703d76f4a8df00a9cc8c0600ddd180c4ad3b6f431add5a021fcc86f6bc89a3c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
etag
"7052063759666560e40709207eb489a8"
age
583940
x-cache
Hit from cloudfront
content-length
560
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Thu, 23 Sep 2021 19:09:07 GMT
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
vAV_H6ayyr_QrXes7UI2irxdtirxq_S-ajuM93koW-vdSLR3rmJDxw==
expires
Fri, 23 Sep 2022 19:09:07 GMT
postmessage-child.js
asset.kompas.com/data/2017/wp/js/
1 KB
918 B
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/postmessage-child.js?v=5
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
71ed458dad8608fd5959ca474639c1930b11b237fdd8ad752302b39e3aa997ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"d46832726009bcb37dd48f95c2f6bd7c"
age
36018
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Thu, 30 Sep 2021 03:21:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7F2PGfHqbda6oATkPrfDJBi8QJSxKCe2UTTHwm3dx9DRo3E5og3aSw==
expires
Fri, 30 Sep 2022 03:21:09 GMT
kompas.com.984609.js
jsc.mgid.com/k/o/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/k/o/kompas.com.984609.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f114ca15de000e9e28113c7c5010726ffff8c986a94eacd16a8370457a0baf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
cf-cache-status
HIT
age
1458
last-modified
Tue, 14 Sep 2021 09:00:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T050YP1HCJATR3EN
x-amz-id-2
guyGb3T7LSx7yjIDpaoPgdx18OutSoOf7O1yzqNbqyRY7R+oqIoCP9bQGIV2UKN8vPNtLdYpVVY=
cf-bgj
minify
server
cloudflare
etag
W/"35e6a9696e2dfeefe21512228ec79e96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
696dc1258c941786-FRA
expires
Thu, 30 Sep 2021 16:21:27 GMT
sticky_style.css
adsimg.kompas.com/html5/assets_ads/rectangle-sticky-read/css/
667 B
1 KB
Stylesheet
General
Full URL
https://adsimg.kompas.com/html5/assets_ads/rectangle-sticky-read/css/sticky_style.css?v=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-44.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
440983a736ab3843d65e3c512b7ec9cdfab27b0060af54dcaa51501d5e5ddf7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:00:11 GMT
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
age
246076
x-cache-status
EXPIRED
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
667
last-modified
Thu, 28 Feb 2019 19:36:50 GMT
server
nginx
etag
"5c783852-29b"
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
C2D11hhryMtdkTMcs3bG_fzAfcffdBuU_Q785ee_UwWEpDoAJ7e-ig==
expires
Tue, 27 Sep 2022 17:00:11 GMT
jquery-scrolltofixed-min.js
adsimg.kompas.com/html5/assets_ads/rectangle-sticky-read/js/
6 KB
6 KB
Script
General
Full URL
https://adsimg.kompas.com/html5/assets_ads/rectangle-sticky-read/js/jquery-scrolltofixed-min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-44.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2a5d6f434ca2a1ee89ea27668f9e6a18d8283ab28e4c987859815d9a2567bd9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 14:26:00 GMT
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
last-modified
Thu, 28 Feb 2019 19:36:52 GMT
server
nginx
age
600927
etag
"5c783854-16dd"
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
5853
x-amz-cf-id
mWeQ5VwBzL-9GtFgr_UyLGDAWoaNdO1QwCbKZwWS88DmXBjQvfqksA==
expires
Fri, 23 Sep 2022 14:26:00 GMT
ico-motivasi.png
asset.kompas.com/data/2021/sonora/desktop/image/
2 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/sonora/desktop/image/ico-motivasi.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
61f1358a37a758c9aaf2829606761dba3bd29f43ee3badbc24591f3eaff45e35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 16:04:08 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1113439
x-amz-meta-sha256
61f1358a37a758c9aaf2829606761dba3bd29f43ee3badbc24591f3eaff45e35
x-cache
Hit from cloudfront
content-length
1583
last-modified
Mon, 03 May 2021 06:44:15 GMT
server
nginx
etag
"949d4bbef49ae03156f08925189016aa"
access-control-allow-methods
GET, OPTION
x-amz-version-id
Wl5GP_hIDJWUp1QFh20rY1cWX.fanrLw
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 16:04:08 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
rvgZY0hO_rUt7tXL5FS42LDaPxVNh2oIrEbVcSS0DF-WrCQjdo_WTw==
x-amz-meta-s3b-last-modified
20210503T063725Z
ico-fengshui.png
asset.kompas.com/data/2021/sonora/desktop/image/
2 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/sonora/desktop/image/ico-fengshui.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
08ce4b02371a6d650556140a8284b81121866c36516bebb69234179e2983e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 21:30:45 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1612242
x-amz-meta-sha256
08ce4b02371a6d650556140a8284b81121866c36516bebb69234179e2983e691
x-cache
Hit from cloudfront
content-length
1963
last-modified
Mon, 03 May 2021 06:44:15 GMT
server
nginx
etag
"5b854fd8f7ec67f6a2f312e33360ae2b"
access-control-allow-methods
GET, OPTION
x-amz-version-id
TGyi1938mVE2ApxEcmCxS0eExbAVb098
access-control-allow-origin
*
expires
Sun, 11 Sep 2022 21:30:45 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
l-gZXM0kjU4BHzVj5UMopvNZMMtZhfXH3tKGqJAQx4wwidFIWuDICA==
x-amz-meta-s3b-last-modified
20210503T063734Z
ico-tips-bisnis.png
asset.kompas.com/data/2021/sonora/desktop/image/
1 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/sonora/desktop/image/ico-tips-bisnis.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b7b9c9f6191d6920f404155523db0be49dfc0fbba65f709fe8c754f48472e259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 12:15:31 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1299956
x-amz-meta-sha256
b7b9c9f6191d6920f404155523db0be49dfc0fbba65f709fe8c754f48472e259
x-cache
Hit from cloudfront
content-length
1486
last-modified
Mon, 03 May 2021 06:44:15 GMT
server
nginx
etag
"943222584fdc76a1089fe175598ef82b"
access-control-allow-methods
GET, OPTION
x-amz-version-id
pauyGm3McV18H0.faBtdRC8XGOk6d7zV
access-control-allow-origin
*
expires
Thu, 15 Sep 2022 12:15:31 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
f0PddKea5MUoAYX383qfXUFFJf6S6katYCr_brFF29nin-qqELAEEA==
x-amz-meta-s3b-last-modified
20210503T063740Z
ico-kesehatan.png
asset.kompas.com/data/2021/sonora/desktop/image/
1 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/sonora/desktop/image/ico-kesehatan.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
06450408f5e426091c76879269f3d1e7ca0dfcb558a7989e5f7b1c5ee8cd2745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
InvaEYIOgZVpFzwVGl5MJlzfRFavqz7w
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
etag
"01286ddbab2d3cd378e02fac24c8994e"
age
386349
x-amz-meta-sha256
06450408f5e426091c76879269f3d1e7ca0dfcb558a7989e5f7b1c5ee8cd2745
x-cache
Hit from cloudfront
content-length
1071
last-modified
Mon, 03 May 2021 06:44:15 GMT
server
nginx
date
Sun, 26 Sep 2021 02:02:18 GMT
access-control-allow-methods
GET, OPTION
content-type
image/png
access-control-allow-origin
*
expires
Mon, 26 Sep 2022 02:02:18 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
kw4DvkRP7h4d_3TiPNCsCdZMLisDU_p66D072oYXjpdJIk03zV6cCA==
x-amz-meta-s3b-last-modified
20210503T063746Z
60e6986996a5f.jpg
asset.kompas.com/crops/F-L9B1lCFlmBkzc1V0X8rVYA2do=/0x0:1280x853/95x95/data/photo/2021/07/08/
3 KB
4 KB
Image
General
Full URL
https://asset.kompas.com/crops/F-L9B1lCFlmBkzc1V0X8rVYA2do=/0x0:1280x853/95x95/data/photo/2021/07/08/60e6986996a5f.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a97a0e5352459ab9530c7d57b738de46346850dfa8cd5d39624d9e205157fb49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:56:16 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
26711
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
3192
server
nginx
etag
"f4808b93ea0ff2d5d4300316ab8c391063184e75"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7OEVzjnD5IaPo-cmXm_ja-vhkwtP3gYm4qrhEyjpaKMZGNDfAtPnmw==
expires
Fri, 30 Sep 2022 05:56:16 GMT
6155236cde9c5.jpg
asset.kompas.com/crops/WALEbq2C55_StOnD383zQzelTL8=/36x0:566x353/95x95/data/photo/2021/09/30/
3 KB
4 KB
Image
General
Full URL
https://asset.kompas.com/crops/WALEbq2C55_StOnD383zQzelTL8=/36x0:566x353/95x95/data/photo/2021/09/30/6155236cde9c5.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
931669dc7534e07781413ea097567d10023d9944e355464a6059a62fb6828456

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 04:09:57 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
33090
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
3248
server
nginx
etag
"5360b018f83d98a2fd9c2cba569f5058556ef6cc"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xsXzD0ERnX8bVI3S0vx4FaNzCL6MG4SYDF_Y7Gle8GmPLNnuNdRC0w==
expires
Fri, 30 Sep 2022 04:09:57 GMT
61551b236e555.png
asset.kompas.com/crops/CfOOW4Xs6V2tTmkIX8tkolfNwEQ=/0x0:3840x2560/95x95/data/photo/2021/09/30/
15 KB
15 KB
Image
General
Full URL
https://asset.kompas.com/crops/CfOOW4Xs6V2tTmkIX8tkolfNwEQ=/0x0:3840x2560/95x95/data/photo/2021/09/30/61551b236e555.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
f3f9986325d6f63324390d51037493f351009cc796843154f9b635b9c13e0582

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 03:25:22 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
35764
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
15005
server
nginx
etag
"a7036a16057fe61e3de0f1f401be25bbe7414727"
access-control-allow-methods
GET, OPTION
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
2Jo3JVKnPBZMGFVkW6ctHlWOQc4VDZjUUkz2JaA323iTMf6gikHZeg==
expires
Fri, 30 Sep 2022 03:25:22 GMT
3138264319.jpg
asset.kompas.com/crops/2VtBBvQJxUeKUl10r2BjpWUxkWA=/0x67:800x600/95x95/data/photo/2019/07/10/
4 KB
4 KB
Image
General
Full URL
https://asset.kompas.com/crops/2VtBBvQJxUeKUl10r2BjpWUxkWA=/0x67:800x600/95x95/data/photo/2019/07/10/3138264319.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
228fbac4797d6a646183b985d553df9fc2a9c3806024be616a069fe340ee4376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:56:16 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
26711
x-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
3964
server
nginx
etag
"dd9e14e8aba6593d31818d6dbc8185c5086949c9"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
MQDpTexutvCyI5fRWLnZUIRlP9ClwxPkerliIBFsoZ54pcB-DI2x5g==
expires
Fri, 30 Sep 2022 05:56:16 GMT
61550d10811de.jpg
asset.kompas.com/crops/WB9u9FOPVFAasMihpfEVSA7nIVE=/112x0:1335x815/95x95/data/photo/2021/09/30/
2 KB
2 KB
Image
General
Full URL
https://asset.kompas.com/crops/WB9u9FOPVFAasMihpfEVSA7nIVE=/112x0:1335x815/95x95/data/photo/2021/09/30/61550d10811de.jpg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
397b82ed5acd88feea73e1c0c5a4ad6ca7218951fa81048d295db0a8345407d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 03:11:17 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
36609
x-cache-status
HIT
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
1627
server
nginx
etag
"fa8a3d7de2ac58e5240c6de1d54eb82e3673de8c"
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
2LQEDdMTsTzlpzMLxctfWcB86gClfpAQlGFwNjqkqff4jUU0tU--PQ==
expires
Fri, 30 Sep 2022 03:11:17 GMT
copy_credit.min.js
asset.kompas.com/data/2017/wp/js/
970 B
1 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/copy_credit.min.js?v=8
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
d3bacce8e3f41a00656a198846c087ebb059dc6934e55aef2d8594837c7af417

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 14:40:33 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1032053
x-cache
Hit from cloudfront
content-length
970
last-modified
Mon, 03 Aug 2020 02:46:29 GMT
server
nginx
etag
"3b51b92cb4fc01197f0f76dbb30f5906"
access-control-allow-methods
GET, OPTION
x-amz-version-id
_4qZK9MVsxtsqdELI2g7l0RfT3EcZmLo
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
eozbjdJxBDeiX1on8o9TLMO1HHvM8xXvhXOSJJjgNYhBl332rfp90w==
expires
Sun, 18 Sep 2022 14:40:33 GMT
onetap_signin.js
asset.kompas.com/data/2017/wp/js/
3 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/onetap_signin.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6bf4d859b0e1621af7f0b1decc130929f28076ddf6620482930b2fbc7adbc2bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 18:30:00 GMT
content-encoding
gzip
age
1795887
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 04 Dec 2020 08:10:13 GMT
server
nginx
etag
W/"1c2374d696d7d5f9fe6fe1e612a2e051"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
gHx6oqQY.fVJDGRtkj1t5mVt7gfj8C64
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/x-javascript
x-amz-cf-id
wYq6rl3xFtK5NiPs2kBjTqSxGd7FbF4qVBJfyIdZMInaITsey-5cPw==
expires
Fri, 09 Sep 2022 18:30:00 GMT
radio-stream.js
asset.kompas.com/data/2017/wp/js/
763 B
1 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/radio-stream.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
f052cbb397516de43af89c47844c8574b395f9b9f1dc256e64874470c7f2c4d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 18:08:29 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
1019578
x-cache
Hit from cloudfront
content-length
763
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
"0d8ac745fa49fcb9a5d18f518b7692a5"
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
XxY4S2bw333fBVxqQbSwCBNQKtUICQbC6fW7qHs4LXvNJDQ2KT7sQw==
expires
Sun, 18 Sep 2022 18:08:29 GMT
slick.min.js
asset.kompas.com/data/2017/wp/js/
41 KB
10 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/slick.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 18:30:00 GMT
content-encoding
gzip
age
1795887
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"b53bdfc29e18f4d493d775a8023fbdc8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
fegyBA-OL2ki8yVtjApUvT7yKS-Oc1Ce6gqbHr9QJbkDxnTFm5NEMw==
expires
Fri, 09 Sep 2022 18:30:00 GMT
jquery.sticky-kit.min.js
asset.kompas.com/data/2017/wp/js/
3 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/jquery.sticky-kit.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:05:46 GMT
content-encoding
gzip
age
792941
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"572ffbc4923d823f891cb3ce330e3d8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
-5NTlwmvFEvPq8Rh31zTXgLccEbGJBFwS_U0hVVyarGK0WyiPxYHlg==
expires
Wed, 21 Sep 2022 09:05:46 GMT
jquery.marquee.min.js
asset.kompas.com/data/2017/wp/js/
5 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/jquery.marquee.min.js?v=11
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a09223cb6f35377760ce5de434c5287a88863d4c6091ae659d804cd30358afc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"16489e036665bbc928836137e0d538fc"
age
408443
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Sat, 25 Sep 2021 19:54:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
_UePOi-YRrXnkrHcBynaiFJykxwQgNoxwy-BKquvILJCH77UNYOyZw==
expires
Sun, 25 Sep 2022 19:54:04 GMT
jquery.lazyload.min.js
asset.kompas.com/data/2017/wp/js/
3 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/jquery.lazyload.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:00:38 GMT
content-encoding
gzip
age
1362049
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"5c01d7aff077b4ed0804b71c2e3ab4a1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
msl3PZfgjYKTlkicZYBbdKIpGannRGA17BWVpTgpj_YP3kWLOksSyw==
expires
Wed, 14 Sep 2022 19:00:38 GMT
main.min.js
asset.kompas.com/data/2017/wp/js/
4 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/main.min.js?v=12
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
49479308d85c50a887c1f89b3a243d05129af3228be5e63c257e8764ca18e045

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 18:30:00 GMT
content-encoding
gzip
age
1795887
x-amz-meta-sha256
49479308d85c50a887c1f89b3a243d05129af3228be5e63c257e8764ca18e045
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 02:13:10 GMT
server
nginx
etag
W/"92238d6fccdc12680ebff201595df081"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
1uqEy73o8a5XjNIl0pr3Zv9WhuwO6.kC
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Fri, 09 Sep 2022 18:30:00 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
4WTqMsWg-5kWLkqDHdh9IxURUeZnZxMChy6P4ZVmHWnSlNi4zf-74A==
x-amz-meta-s3b-last-modified
20210324T125234Z
sso_personalisasi.min.js
asset.kompas.com/data/2021/sso/js/
5 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/data/2021/sso/js/sso_personalisasi.min.js?v=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
3791929b82ce96d8c1d8aae13f29e174377349f87fd639cd29c8ed9622a9058e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 20:02:04 GMT
content-encoding
gzip
age
1358363
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 11 Jun 2021 06:06:11 GMT
server
nginx
etag
W/"34d2433ad94ed24d0c751498eca2f83a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
lyeNdji6GEp1QFwp2b2nJAYsPRKZ9Ahg
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/x-javascript
x-amz-cf-id
wDTxSA5Vj6DmiFfLc4Rzn-QJwSv3iPhoRwv30MJ-VwuEPt54R_Cdhg==
expires
Wed, 14 Sep 2022 20:02:04 GMT
extender.min.js
asset.kompas.com/data/2021/sso/js/
750 B
1 KB
Script
General
Full URL
https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
414966823f863a649ba7e74ec0d2c5f1bfbb91c10432b93559740c6676055cbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 23:10:53 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
51034
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
750
last-modified
Wed, 29 Sep 2021 23:09:38 GMT
server
nginx
etag
"4c64caf1e1e65587efdffa9e807fdd91"
access-control-allow-methods
GET, OPTION
x-amz-version-id
28P7VowGW95jG7y1rdyFrz99hLvT0cOe
access-control-allow-origin
*
expires
Thu, 29 Sep 2022 23:10:53 GMT
cache-control
max-age=31536000
x-amz-meta-s3b-last-modified
20210929T230646Z
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
rSDDh3IP0BhXEebj_NXP-Byxgtw2Vrq-Xq7aP1u3K9rEQkWLD3cSAw==
x-amz-meta-sha256
414966823f863a649ba7e74ec0d2c5f1bfbb91c10432b93559740c6676055cbf
main-photo-article.min.js
asset.kompas.com/data/2017/wp/js/
2 KB
1 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/main-photo-article.min.js?v=6
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
5c28c7a228048ca4a4db876430f296594511001b6c56bca00a3b6cae49981a37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 09:00:14 GMT
content-encoding
gzip
age
2348473
x-amz-meta-sha256
5c28c7a228048ca4a4db876430f296594511001b6c56bca00a3b6cae49981a37
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 02 Sep 2021 04:44:21 GMT
server
nginx
etag
W/"999fa629d3e2d0368c8723d4550f9a79"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
NdnvTRfxTTVoScWc41OnyOKK2VyaPz7d
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Sat, 03 Sep 2022 09:00:14 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
b2hS86uzsXHBqqWN-iaC7WBaG5WPL8g3NjtQnApCypjSGXwBF9RN5g==
x-amz-meta-s3b-last-modified
20210901T113630Z
photoswipe.min.js
asset.kompas.com/data/2017/wp/js/
31 KB
12 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/photoswipe.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
5299510acf6fe0a5d526f558fa9f914a8e50e2294051787b9298f220fe687727

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"f5cd6479c4e4682545a9603e6b50c741"
age
35936
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Thu, 30 Sep 2021 03:31:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
PqvsJVgl_dqb0LKuD_hktku-sIb7WEe_mCh7SOe85lxdbQCc62ur-w==
expires
Fri, 30 Sep 2022 03:22:31 GMT
photoswipe-ui-default.min.js
asset.kompas.com/data/2017/wp/js/
10 KB
4 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/photoswipe-ui-default.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e94d37f48fe6b0d678ade94a23e3238a2c775a7450d64b5b59c2828c24cf668d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"48aa0834aefb0378f1cad1db8a1c5068"
age
502845
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Fri, 24 Sep 2021 17:40:42 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-rgXwaFsgwtAQCViV2PLzREVXnNp4VEqNKaeBG3hhziu1fV1aI7y0w==
expires
Sat, 24 Sep 2022 17:40:42 GMT
main-article.min.js
asset.kompas.com/data/2017/wp/js/
10 KB
4 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/main-article.min.js?v=19
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
19e3703108f351bd53f0b9deb2b81dcef86de452481dea85719dc58b800dcdf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 07:43:28 GMT
content-encoding
gzip
age
711479
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 22 Sep 2021 07:26:39 GMT
server
nginx
etag
W/"433d37c8dc11aa8e61dc0cff5638df41"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
FaGKrbV0yjGlcMEDd_VeOYlzGTl_1YTQ
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 07:43:28 GMT
cache-control
max-age=31536000
x-amz-meta-s3b-last-modified
20210921T133152Z
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
xKZ8l0u5fsg7hLH7ZhU4eWXnNSDzOe8g6e9deM4SKyZTwXU8qO_-Zg==
x-amz-meta-sha256
19e3703108f351bd53f0b9deb2b81dcef86de452481dea85719dc58b800dcdf9
bootstrap-datepicker.min.js
asset.kompas.com/data/2017/wp/js/
33 KB
10 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/bootstrap-datepicker.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
666d268909c7126eceba7f6bb6a9b79cca2cd14f179d7b33ef0b6532880e2d07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:22:22 GMT
content-encoding
gzip
age
791945
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
etag
W/"c25d169118c8aefae7f7f5b0f5a458cf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
mcf7vTe53sasH4a4Le5Bbbkvpa_UZezal7w_fTrAGok35_et-ZQIvA==
expires
Wed, 21 Sep 2022 09:22:22 GMT
jquery.magnific-popup.min.js
asset.kompas.com/data/2017/wp/js/
20 KB
8 KB
Script
General
Full URL
https://asset.kompas.com/data/2017/wp/js/jquery.magnific-popup.min.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"b37d7edf99565d3858eaa1ad80df3cff"
age
412219
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 12:34:29 GMT
server
nginx
date
Sat, 25 Sep 2021 18:51:08 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
iDTg_s-YSNi8bhDBIimZEqpOxFuVDuTnlDNqtp0FdfSJZ9NG8pJq_g==
expires
Sun, 25 Sep 2022 18:51:08 GMT
firebase-app.js
www.gstatic.com/firebasejs/7.23.0/
20 KB
20 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-app.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
61fbb9b0a6dd750be54d75b8eb16f6aea217aa36df2b4e3a4b80f960a1ca368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:52:35 GMT
x-content-type-options
nosniff
age
26932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20120
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Fri, 30 Sep 2022 05:52:35 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.23.0/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-messaging.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
b090c352b4698d65d2d9fcd3c4b41e5f50d017e4caa48f2eef492c6a61adffb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 08:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10930
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Fri, 30 Sep 2022 08:14:08 GMT
kompascom.js
asset.kompas.com/kgnotif/
5 KB
2 KB
Script
General
Full URL
https://asset.kompas.com/kgnotif/kompascom.js?v=25
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
06c8934c35e4ba9b90761ad266b549b34f6959534a72097a195cfa02e6913d65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:14:35 GMT
content-encoding
gzip
age
2531212
x-amz-meta-sha256
06c8934c35e4ba9b90761ad266b549b34f6959534a72097a195cfa02e6913d65
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 22 Jul 2021 05:14:00 GMT
server
nginx
etag
W/"1a342f73ebddcf976e963d22fb35fe95"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
AGT9RuhntDMXwT.6xAc4OZfB1Byc_qtE
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Thu, 01 Sep 2022 06:14:35 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
vbWORy__squVYmwNEll084O7w6HjVGlpCk2X9uTPSSO8kqxnf-W5vg==
x-amz-meta-s3b-last-modified
20210722T051214Z
unregissw.js
asset.kompas.com/kgnotif/
2 KB
1 KB
Script
General
Full URL
https://asset.kompas.com/kgnotif/unregissw.js?v=3
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
50aa3752769a7bb77c65de3bcae6ed2cd98178c165b64cf7b25cc5b321c14f59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 23:11:33 GMT
content-encoding
gzip
age
6703794
x-amz-meta-sha256
50aa3752769a7bb77c65de3bcae6ed2cd98178c165b64cf7b25cc5b321c14f59
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 01:38:10 GMT
server
nginx
etag
W/"76d80069526d1917e0dd3adc0b92e2b4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
TCBGOvMKyos1YDRvAgdFjGmnKUqmkpW4
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Thu, 14 Jul 2022 23:11:33 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
6xWlbtJkfbtZaVTcDPDQqKVPFG6zwuqVL6OEwI1ZtQdGBcyJ8txzNw==
x-amz-meta-s3b-last-modified
20210701T013739Z
kgm-verify.css
asset.kompas.com/data/2021/kgmedia/
6 KB
2 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2021/kgmedia/kgm-verify.css
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a638a078f3263e00530705bdad7e8fc2ec4d3d13605728be9299a52684d64a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:18:36 GMT
content-encoding
gzip
age
583371
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 09:49:21 GMT
server
nginx
etag
W/"70da0aa581b008476049f6271a11033a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
x-amz-version-id
6dpOi.Edgpkir_DEwx4ZijRmECrKuJ8s
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Fri, 23 Sep 2022 19:18:36 GMT
cache-control
max-age=31536000
x-amz-meta-s3b-last-modified
20210623T081055Z
x-amz-cf-pop
DUS51-C1
content-type
text/css
x-amz-cf-id
j05k8FDIfouWjmJRgGi__7sCwYYvjtTv_08kR9Xv4O5bsZEDfhfpzg==
x-amz-meta-sha256
a638a078f3263e00530705bdad7e8fc2ec4d3d13605728be9299a52684d64a56
verify.png
asset.kompas.com/data/2021/kgmedia/images/
9 KB
10 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/kgmedia/images/verify.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
5d6a1b09de90d6f0c4d6f4350ad72e0a9426bfc7c812ce986e19407d43fa2602

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:18:10 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
2530997
x-amz-meta-sha256
5d6a1b09de90d6f0c4d6f4350ad72e0a9426bfc7c812ce986e19407d43fa2602
x-cache
Hit from cloudfront
content-length
9301
last-modified
Thu, 01 Jul 2021 09:49:07 GMT
server
nginx
etag
"32d9725eafac5b2fa68b526060439976"
access-control-allow-methods
GET, OPTION
x-amz-version-id
WRTjLg.lEDGGVPh3jufS_kI7TPFkYlaQ
access-control-allow-origin
*
expires
Thu, 01 Sep 2022 06:18:10 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
veYcWCk49NkM1Zq2tAZ5S2mZkJrJ82XUZ3dgkfvNTasBOdvYelwjdw==
x-amz-meta-s3b-last-modified
20210630T045540Z
kgm-verify.min.css
asset.kompas.com/data/2021/kgmedia/
4 KB
2 KB
Stylesheet
General
Full URL
https://asset.kompas.com/data/2021/kgmedia/kgm-verify.min.css?v=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8ffaf08f8131e2697b95e64b5d46212a5017a2ae4c4544075ce91e17c9a69e31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
PtbZ_OKwzGKK2qohSjJB7puceApFCgXs
content-encoding
gzip
etag
W/"34053c2c3fd182852dec99a28708c473"
age
550898
x-amz-meta-sha256
8ffaf08f8131e2697b95e64b5d46212a5017a2ae4c4544075ce91e17c9a69e31
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 24 Aug 2021 06:27:21 GMT
server
nginx
date
Fri, 24 Sep 2021 04:19:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
text/css
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
expires
Sat, 24 Sep 2022 04:19:49 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
fhVorcg3YyEWrHsxdxzJRr4oTx34gFi7MARzO0afsiKcl0FWUo3WFg==
x-amz-meta-s3b-last-modified
20210819T154614Z
lengkapi.png
asset.kompas.com/data/2021/kgmedia/images/
11 KB
12 KB
Image
General
Full URL
https://asset.kompas.com/data/2021/kgmedia/images/lengkapi.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
db75ecbc81d2ee4c8f8f3455f5926c2fe0215506e4e982b006357b80ef4cfe7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
KkcKMYjCal1tFZ4vbwnIkeY15CJSu2I0
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
etag
"f686063a594beed874691222f9951ce1"
age
550879
x-amz-meta-sha256
db75ecbc81d2ee4c8f8f3455f5926c2fe0215506e4e982b006357b80ef4cfe7c
x-cache
Hit from cloudfront
content-length
11327
last-modified
Tue, 24 Aug 2021 06:26:33 GMT
server
nginx
date
Fri, 24 Sep 2021 04:20:08 GMT
access-control-allow-methods
GET, OPTION
content-type
image/png
access-control-allow-origin
*
expires
Sat, 24 Sep 2022 04:20:08 GMT
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
QZTmFlKryntnruEDkckr0uXLzIvdosNUpX-I655T0qHsnlU7xBd3BQ==
x-amz-meta-s3b-last-modified
20210818T103220Z
truncated
/
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f3f99690d0246073c990f3e488c81126cc0d474e94e518d764cfe89b4eeb202

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
244430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:00:18 GMT
x-content-type-options
nosniff
age
343269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 26 Sep 2022 14:00:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
74987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:54:04 GMT
x-content-type-options
nosniff
age
206843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 03:54:04 GMT
tag-7be7a6e9e4d40978c46d49b3878028b5.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/
161 KB
46 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7be7a6e9e4d40978c46d49b3878028b5.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=547785&f=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
f723f3954ab9f51a8415544bf47c2e6b90469df0f8eda6b9eff474524b23306a

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:26 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 08:34:32 GMT
server
gfra1
etag
"614aea98-b636"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46646
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=547785&d=tekno.kompas.com&u=D14950907FD11B47C87AADA3A6A9129B7&h=90abf8bacad4fcd0e1cb39f076e4998d&t=false&r=0.7626548450306088
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
truncated
/
754 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd97f3fc703caa858d406d13397b8ef9f319e5c5383d75dd9c47180e244bce09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a34bdcd84cfd14960f5cbc1caaaaeb8f2b0a18ac8c94071844e82b71366d50d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a68fef4ce7cd0b5e860e4cd6fac6468cc45feab3d42049542222923fa0a38775

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
958 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
194f86d452cdfc2a9cd6d6bfa91dd28d0e88eb81d8405c9b9e1174d758837709

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
74984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:43 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
74631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:37:36 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
74631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:37:36 GMT
generic.js
pubs.contextads.live/kgm/kompas/kompas/
4 KB
1 KB
Script
General
Full URL
https://pubs.contextads.live/kgm/kompas/kompas/generic.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-116.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d49e7aa4b071a77e7b00f7f7d6a6eb57ca27f03d51b1b5e8c27d20ffaabd3313

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 12:49:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 13:25:48 GMT
server
AmazonS3
age
2246
etag
W/"8f5198e0856e3a763c5f6a42ad290f2a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
84mDSa7DIDjXF6cOEqQzsrwTfeD5RxijaEyt4FWFTMQQJrNmuT-YYQ==
monitoring-acecfc8.js
cdn.pbstck.com/
180 KB
50 KB
XHR
General
Full URL
https://cdn.pbstck.com/monitoring-acecfc8.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f592773f-0b4f-4e7c-8cef-a1ca0bc0cec6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c766b7b54356369f11ec94ec8c8cc7bf033dcd553c80f7018977ffc2479e58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1292690
x-guploader-uploadid
ADPycdsjFY6C0lzgShroXTR_L1DGQmbeNK66qh3RJ7RwKGRgT7ycDpj9XM4jLecPv_qhobI9ScVRZrHc12EyEV_-T7rTZ6l_bg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50264
last-modified
Wed, 15 Sep 2021 13:46:28 GMT
server
cloudflare
etag
"6fc0cf306d183666163d0b53ff649e8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=bmZHYg==, md5=b8DPMG0YNmYWPQtT/2SejQ==
x-goog-generation
1631713588162370
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=14400, no-transform
x-goog-stored-content-length
50264
accept-ranges
bytes
cf-ray
696dc1262b4c324c-FRA
expires
Thu, 15 Sep 2022 13:46:29 GMT
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/
336 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Sep 2021 13:21:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
480 B
227 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tekno.kompas.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
72df26d9f5c08858a427d925fb9b37ba2af7d908c2ad5f6751971799d85f0b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
expires
Thu, 30 Sep 2021 13:21:28 GMT
tag-e34d9c05c9af0b9addf433a9dbc99f66.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/
91 KB
23 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-e34d9c05c9af0b9addf433a9dbc99f66.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7be7a6e9e4d40978c46d49b3878028b5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
8281031bec3e76d8a6208e82b6e31094c8d5939e6b45c1fc7b12284ea3f13e1e

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 08:34:32 GMT
server
gfra1
etag
"614aea98-5ca7"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23719
via
1.1 google
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.33.0&cb=37892350310
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:28 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
auction
tlx.3lift.com/header/
19 B
264 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&tmax=1500
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.149.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-149-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.33.0&cb=77335765164
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
arj
kompascybermedia-d.openx.net/w/1.0/
173 B
559 B
XHR
General
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=977d96c6-c5d5-4a92-90b9-37b96f80c995%2C6c563943-4e05-45c7-92b4-8d8fb6c67c8c%2C6bdbf55c-c2c8-4950-b933-96deb7ad11db%2C9aa9d850-0f10-4c67-85f1-d19cf9234e97%2Cc01d9209-553e-4463-bd14-3ffaf96cc659%2Cfe51e6b0-2181-4168-81ba-22363910e232&nocache=1633008088074&ttduuid=&aus=728x90%2C970x90%2C970x250%7C300x600%7C300x250%7C300x250%7C300x250%7C120x600%2C160x600&divIds=div-gpt-ad-Top_1-1%2Cdiv-gpt-ad-Giant%2Cdiv-gpt-ad-Right_3%2Cdiv-gpt-ad-Right_4%2Cdiv-gpt-ad-Right_5%2Cdiv-gpt-ad-Skyscraper&auid=540782269%2C540782269%2C540782269%2C540782269%2C540782269%2C540782269
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
165ea76bbd7b466c664bfb5a6841f857a0bb47ba13907f07fcf4dafcf7245208

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/
25 B
374 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=449983&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22351bf7445755d69%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f0804b8e7305%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22374c994d4fdc6e2%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223808f57369d8576%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22396e4aea544dec8%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22403d9634b6533d9%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241bddfd9dc065db%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22429bb4fe37faa6a%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22436ca2689592b8d%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22100x650%22%7D%2C%22banner%22%3A%7B%22w%22%3A100%2C%22h%22%3A650%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22443c1ca396149d4%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22100x550%22%7D%2C%22banner%22%3A%7B%22w%22%3A100%2C%22h%22%3A550%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245daaeb11420a48%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22100x650%22%7D%2C%22banner%22%3A%7B%22w%22%3A100%2C%22h%22%3A650%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2246c532d04701635%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22100x550%22%7D%2C%22banner%22%3A%7B%22w%22%3A100%2C%22h%22%3A550%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247303afc5f4d25e%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248d922ce5855319%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%221100x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A1100%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249e1ce3a11acf95%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225057b04adeb945b%22%2C%22ext%22%3A%7B%22siteID%22%3A449983%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
545dfe20ce2aefb945c3d90a2628ea660ae8c79e5ada838e32716baa063cae26

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.204], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Thu, 30 Sep 2021 13:21:28 GMT
280686
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-SpotX-Timing-Transform
0.000295
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000925
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000307
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007402
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000292
X-fe
110
Last-Modified
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003460
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://tekno.kompas.com
X-SpotX-Timing-Page-Misc
0.002091
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.003460
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282227
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282227
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-SpotX-Timing-Transform
0.001267
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001058
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000405
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007603
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000350
X-fe
077
Last-Modified
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002697
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://tekno.kompas.com
X-SpotX-Timing-Page-Misc
0.001792
X-SpotX-Timing-Page-Exception
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002697
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 30 Sep 2021 13:21:28 GMT
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Transform
0.000295
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000958
X-spotx-Exception-conf-Message
Channel ID '282137' has no active deals.
X-SpotX-Timing-Page-Require
0.000572
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page
0.017581
X-SpotX-Timing-Page-Cookie
0.000054
X-spotx-Exception-conf-ID
SPOTMARKET.DEALS_INACTIVE
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.001620
X-spotx-Exception-conf-RESULT
failure
Content-Type
application/json
Access-Control-Allow-Origin
https://tekno.kompas.com
X-SpotX-Timing-Page-Misc
0.013775
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.001620
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-SpotX-Timing-Transform
0.000317
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000945
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000339
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000007
X-SpotX-Timing-Page
0.006462
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000301
X-fe
029
Last-Modified
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002942
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://tekno.kompas.com
X-SpotX-Timing-Page-Misc
0.001569
X-SpotX-Timing-Page-Exception
0.000028
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002942
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-SpotX-Timing-Transform
0.000307
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000972
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000447
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.007536
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000389
X-fe
122
Last-Modified
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002833
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://tekno.kompas.com
X-SpotX-Timing-Page-Misc
0.002549
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002833
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hbpost
hb.jixie.io/v2/
62 B
1 KB
XHR
General
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.77 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
a0a79d3dca32e662c8693d4d80c5020af41534f564892c3dadf51dde66a1c250

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
ETag
51efaea0-21f1-11ec-87b1-99301481a017
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
private, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Expires
-1
v1
prg8.smartadserver.com/prebid/
171 B
572 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b5%3b111
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/
171 B
568 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b17%3b133
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/
171 B
572 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b24%3b93
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/
171 B
567 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b21%3b65
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/
171 B
567 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b0%3b119
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/
171 B
567 B
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b23%3b67
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
bid-request
a.teads.tv/hb/
16 B
248 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 30 Sep 2021 13:21:28 GMT
bid
ad2.apx.appier.net/v1/prebid/
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=De6RX5SUBn2CS9kC2blVYQ
0
0

translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
publishertag.standalone.js
static.criteo.net/js/ld/ Frame
0
0
Preflight
General
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://tekno.kompas.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 30 Sep 2021 13:21:28 GMT
expires
Fri, 01 Oct 2021 13:21:28 GMT
cache-control
max-age=86400
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age
86400
publishertag.standalone.js
static.criteo.net/js/ld/
93 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a49f1c04f45d6e64cbf54965442768c205f691d29a46cc51d87c18eada62a65b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/javascript

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-172cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Oct 2021 13:21:28 GMT
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2MTQmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MTYmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
449 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MTUmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=40349709878
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b189ce66ada47b6df194270dd8b886666b513bb70480d002eb6ccb6fb8c8e0f8

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b8%3b68
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
797ed5ad90202e8a44dbf1ce3bef816614a91cec8b7bfce76688caa7f23d347a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a421cc07-b3bc-4332-bd08-22208f755b38
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
379664121649805b2f02092a65e52004d8abc33d8df9b81d61a727994d3e4f3e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
064654f0-319a-46c5-b283-ecf06a03ad57
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
272 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136952&size_id=57&alt_size_ids=116%2C56%2C96%2C175&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21364542095608696&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d487344162f33038d01f2115c1e3662fd4b34f07702063bf3432777dba92bb75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
272
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
11 B
471 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2MTkmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MjMmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MjQmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=594527420
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
968 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
52c4bd8d00c6adc1bf1faaaa12be0c700afe80fc656a75e449978f7a092d6d5f

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b15%3b98
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1e60af8fd74b7d88b71b1a42fee0deae63eda1f00c906740057e3d4f49496a0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0eb29b9f-7710-46a8-bf76-aa7203f9c13b
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8d4e8209ec5a6385ddb72174854d14868986cea73a1d1ea928f28ed65d347fbb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
04b82f74-a238-4a9e-a499-b4e9f65dc7c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
269 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136972&size_id=10&alt_size_ids=179%2C9%2C48%2C8&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2728811025000506&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8dd6c67a0ee6d841aaeb3cdff99652b03fe11f3f479f3eccb05e508f6bcbef20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
269
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
5 KB
4 KB
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
785854753accf3d321e11a8395c821aee6d91bfddde98ce072d9e4ef25831508

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2MjUmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MjgmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MzAmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=62688298350
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3df4a444d168014dec6c7196b5649498c765111741cbbe46dd5631f9f7474cde

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b21%3b110
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
7 KB
4 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8832e0dbd9e410aa12af516280c7795486646dc01e4269debb767da8d7859079
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5eecb2b2-1d76-4026-9a66-192655633226
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
155 B
839 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4c371ffdd2f27f26b3276ef8fb9746b408bdda38adeb9f6e98201cf485bcee5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
93e200d4-68c7-4084-a9e5-8fe82be84987
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
155
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
267 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136982&size_id=15&alt_size_ids=14%2C190%2C13%2C19&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7695541295723782&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3bdf5ca33a0f0d785c97c4ebc521b8bd192f3c533ade8359c3c2f40b78d035b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
11 B
471 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2MzImdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MzEmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MzMmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=67851090925
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
913 B
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5d00ab79f3baeac4194c60c99f285de1663e4fb109472ce5c402d0d09079abe6

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b15%3b88
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9905188bb812ee680862ea522df87d10e8d5481245e81f2bd63aa089fa23b76a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bac8b8ec-1f39-4222-8dce-6375aa6d8b4f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
39d360cb0b90a7e79d4be8740039705942f292349f82ed9363a350ddf252501c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
368ee0a1-ae39-4d85-9e2a-6d866547c7c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
267 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136976&size_id=15&alt_size_ids=14%2C190%2C13%2C19&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.11990722650346286&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fc088898b2419e4b96139b7a78c31a644e18e7c3ec4d3d0f069673f0bd5aa8a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
11 B
471 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x250%2C250x250%2C200x200%2C240x133%2C300x100%2C180x150&jst=hb&s=4412640&cur=USD&ord=991155991636953.9&tz=0&fl=0&rr=direct&bidid=utreb1r3pspgqr&transac...
  • https://ads.betweendigital.com/adjson?sizes=300x250%2C250x250%2C200x200%2C240x133%2C300x100%2C180x150&jst=hb&s=4412640&cur=USD&ord=991155991636953.9&tz=0&fl=0&rr=direct&bidid=utreb1r3pspgqr&transac...
2 B
219 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250%2C250x250%2C200x200%2C240x133%2C300x100%2C180x150&jst=hb&s=4412640&cur=USD&ord=991155991636953.9&tz=0&fl=0&rr=direct&bidid=utreb1r3pspgqr&transactionid=jjatf8mzrrnjws&auctionid=ofwsmmx6msbvyg&crf=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x250%2C250x250%2C200x200%2C240x133%2C300x100%2C180x150&jst=hb&s=4412640&cur=USD&ord=991155991636953.9&tz=0&fl=0&rr=direct&bidid=utreb1r3pspgqr&transactionid=jjatf8mzrrnjws&auctionid=ofwsmmx6msbvyg&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://tekno.kompas.com
content-length
0
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2MzgmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MzcmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2MzkmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=4784982150
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
0
324 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e0a727f036891552103c4954208bf66a93474445dce779e65c251399ebe2cf9f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5155aecb-d3b2-45d3-978f-06150354aeeb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
7 KB
4 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
624911ca2663b32fcab22e22984915ff491715a760bd6c21cd3da831cb29c947
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f8999582-1965-4d20-93ca-4f78bb45e719
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
267 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136954&size_id=15&alt_size_ids=14%2C190%2C13%2C19&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6973464510795573&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8b360b9cca4ce95cb96706033fbb93159621a60c6c9525a001bd1dc3c00c4f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
11 B
472 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&bWlkPTEwOTg2NDAmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTEuMTE
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2NDEmdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUiZtaW5wPTAuNTM
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/
5 B
448 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTg2NDImdD0xJm1rdz1tYWx3YXJlLHBlbnllZG90LHB1bHNhLGJlcnNlbWJ1bnlpLGxlYmloLGRhcmksYXBsaWthc2ksYW5kcm9pZCZyY3VyPUVVUg
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&ptv=74&av=21&cb=89767508238
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://tekno.kompas.com
date
Thu, 30 Sep 2021 13:21:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a2f12c7309bda86a0e6e42f3870b1390ab5d16b33800cc3b808acb674e097f62

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b20%3b73
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/
156 B
840 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9b596b187f8af54eed1582c0e0c5ced06e819da2b5bf54679581391a7997e5e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
678dd057-c2d2-456d-adec-d578775088ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
156
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/
0
211 B
XHR
General
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.76 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/
7 KB
4 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d8e7f1df3636e402228b29909da13066ad392a3a9bc7c2b6b8b21328a402bfac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.204; 216.131.114.204; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cffa6c0c-467d-4266-b408-7dbb67dc2d7d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
269 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=384370&zone_id=2136956&size_id=9&alt_size_ids=8%2C36%2C262%2C12&p_pos=atf&rf=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7241094120959453&rp_schain=1.0%2C1!r2b2.cz%2C243%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fa34e51319d8fdae91799d4c03b5dc9ca32fd331ee9f53090f12f6da0aceeda3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
269
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dsh
hb.adscale.de/
11 B
471 B
XHR
General
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.140.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-140-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
p3p
CP=NOI PSA OUR
vary
origin
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,700|Roboto:300,300i,400,400i,500,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
74988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
settings.js
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=547785&settings_type=1&vn=7.0&r=0.9633000561628926&exc=1|2|34
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7be7a6e9e4d40978c46d49b3878028b5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0c0f55b71e69eb06cd312476fc01d36d03eb837716c1772c482c44cbc14eea49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
bundle.js
player.ivideosmart.com/ivsplayer/v4/dist/js/
246 KB
68 KB
Script
General
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
75430415da3c26478fa49bc40052d97f4c03c54a0cfdfb010dd0ec9f4579c0eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR62-C4
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
69035
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Tue, 28 Sep 2021 04:58:50 GMT
Server
AmazonS3
ETag
W/"857d53d6315eee89319bb71707e0dd5d"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
h22-lWEmeVmUojOL8OQhb8mRXDuPG7RWb7JBS6ACgcmP6I2Bw2SOUA==
/
widget.kompas.com/kompasiana_widget_read/ Frame EBD8
1 KB
2 KB
Document
General
Full URL
https://widget.kompas.com/kompasiana_widget_read/
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-93.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b2e25e0c2ab76b264d1f00953c098844b53595a83be6f9ef30cb2b9e27741f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
widget.kompas.com
:scheme
https
:path
/kompasiana_widget_read/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br
cookie
_vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D14950907FD11B47C87AADA3A6A9129B7; _vwo_ds=3%241633008087%3A29.06305793%3A%3A; _vwo_sn=0%3A1; AdTrack-cookies=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1330
date
Thu, 30 Sep 2021 13:21:25 GMT
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
we-hiring
jobs@kompas.com
mail-subject
Join_via_header
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-6UdMpxHwYnv7QjlVPxAdOy6blakI3qjNT9Z28rCETFklbb20kuGug==
age
2
kompas.com.984609.es6.js
jsc.mgid.com/k/o/
245 KB
66 KB
Script
General
Full URL
https://jsc.mgid.com/k/o/kompas.com.984609.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/o/kompas.com.984609.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee1ef3f729c4eff64cabac710cbbc175fab6db5838e872aea6958b3287b91c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
cf-cache-status
HIT
age
1270
last-modified
Tue, 14 Sep 2021 09:00:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6BG783S547GW0Y3Y
x-amz-id-2
fOrz5ayj6GJRuIu0y4Owv/b79Fcv0tFRDUVn8x6HVCuDRG9EiB3ZQeo86etBXzrG7d+uzSCYaKM=
cf-bgj
minify
server
cloudflare
etag
W/"1a6a3a24f171870fa3bccd50641ec29c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
696dc1279b8bbeab-FRA
expires
Thu, 30 Sep 2021 16:21:28 GMT
list
apis.kompas.com/api/comment/
1 KB
2 KB
XHR
General
Full URL
https://apis.kompas.com/api/comment/list?urlpage=https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&json&limit=1
Requested by
Host: asset.kompas.com
URL: https://asset.kompas.com/data/2017/wp/js/jquery-1.12.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-5.dus51.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
83e1750278f5e5cd715f10959d1d258e54a63703a132818a88a5b133bfd89207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edge-origin-shield-skipped
0
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://tekno.kompas.com
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
private, must-revalidate
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id
AHOWvix0sYfc2TczDioICTh0pYQT-q35USQo8SyoOPcj2B3dPhoxNA==
expires
-1
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db92b37dab520e44e2ab6198a53f0f79d602023f093da716780227ccc1f868dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/
124 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-77DJNQ0227&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
24b19b5c186deb7bd940adbf921b88cb72677cdf52f0724c6a7fc05c57167f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49603
x-xss-protection
0
expires
Thu, 30 Sep 2021 13:21:28 GMT
js
www.googletagmanager.com/gtag/
125 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7KGEC8EBBM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3816a47d8712f0a8faf8cecde125aaa9ba15a5f25468b98f9e2e7bcbb60dee56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49789
x-xss-protection
0
expires
Thu, 30 Sep 2021 13:21:28 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2071
date
Thu, 30 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 30 Sep 2021 14:46:57 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/
4 KB
2 KB
Script
General
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-114.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
13461242
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
mrvYDfbjSW2vshltM97tFlBtksbdgHj0FQvZh1nKpu6-hNnePA3yPA==
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-134.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:14:17 GMT
content-encoding
gzip
age
431
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Fri, 09 Jul 2021 00:11:37 GMT
server
nginx
etag
W/"60e79439-8e96"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
PekfnBazgwHkCu42hXmsIKDhnjLntOGYoo5qVZqlIt6dT_uqb4uSog==
expires
Thu, 30 Sep 2021 15:14:17 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-134.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 11:55:40 GMT
content-encoding
gzip
age
5148
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Thu, 08 Jul 2021 15:47:37 GMT
server
nginx
etag
W/"60e71e19-5a0d"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZC8h0jA1aH_nwSHPGlBfWMjLmW9_LLtBrZrCotDwcqNqem2x3m8BiQ==
expires
Thu, 30 Sep 2021 13:55:40 GMT
web-vitals.umd.js
unpkg.com/web-vitals@1.1.1/dist/
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT7PC4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
13427283
fly-request-id
01F4B8KNV08N7TBR9G8FAZP5D8
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
696dc1288c0c9754-FRA
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1633008088366&ns_c=UTF-8&c8=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&c7=https%3A%2F%2Ftekno.k...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1633008088366&ns_c=UTF-8&c8=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&c7=https%3A%2F%2Ftekno....
64 B
330 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1633008088366&ns_c=UTF-8&c8=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&c7=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&c9=
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-29.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Fg164O8EKGQgNujgFyE4pocRiqxsHKcT-rAXTGfHRUks84q4wGU-oQ==

Redirect headers

date
Thu, 30 Sep 2021 13:21:28 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1633008088366&ns_c=UTF-8&c8=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&c7=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&c9=
content-length
340
x-amz-cf-id
OG1aSxXB8GsvSWtLZAJMWNnDEOqB5mUxIo1HKRqKNlsQzeLgYIAx0g==
iav_ia.js
vibecdn.contextads.live/Inarticle/
31 KB
10 KB
Script
General
Full URL
https://vibecdn.contextads.live/Inarticle/iav_ia.js?publisher=kompas
Requested by
Host: pubs.contextads.live
URL: https://pubs.contextads.live/kgm/kompas/kompas/generic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-59.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc70d460d45c3128c24a03275200f141247c999c76706b0f918bb5d6017d06a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:09:59 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 09:49:49 GMT
server
AmazonS3
age
65490
etag
W/"2e37301d7d247fe581c5b064e968e437"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
A1RTojDOJAbvJyqX7ixBtO0NpoZX0Lh0CF381ct7YKrCiy-0iWWzZg==
impulse.js
impulse.contextads.live/main/
34 KB
10 KB
Script
General
Full URL
https://impulse.contextads.live/main/impulse.js
Requested by
Host: pubs.contextads.live
URL: https://pubs.contextads.live/kgm/kompas/kompas/generic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-128.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66aa8c82a7b17fb6233973de31e7a77fe329a051ac8a5d1e4dde86078b1e9b1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 08:59:36 GMT
server
AmazonS3
age
65049
etag
W/"283d14feaf968b3d997c11f4d6021367"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GEKqUayELNGGk-InsnEZpFzRKXDazhXHTfRjjr8Vlm7daIejpq2elQ==
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/
47 KB
13 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7be7a6e9e4d40978c46d49b3878028b5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 08:34:32 GMT
server
gfra1
etag
"614aea98-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/
40 KB
13 KB
Script
General
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-92.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
Age
18386105
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
cMFw5TNUQJUnQcYRtt14b10nHrk8jsY3GwdSVndiAHGo6ajuWDXNlw==
ima3.js
imasdk.googleapis.com/js/sdkloader/
346 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
3a641f236a23c5a62a5bfe6a7dc8c739753e908df1e46349a826808466f68afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121639
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Thu, 30 Sep 2021 13:21:28 GMT
3000451
hdrbd.ivstracker.net/hbplacementsservices/
284 KB
86 KB
Script
General
Full URL
https://hdrbd.ivstracker.net/hbplacementsservices/3000451
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-115.dus51.r.cloudfront.net
Software
/
Resource Hash
4ee8587fb7b13d9c45ea14e423b776ad379558d6294f98d26be03c9872dfb0c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:17:43 GMT
content-encoding
gzip
age
224
x-amzn-requestid
4c7cc5db-5d2c-4dd4-ba66-f0673bbaf626
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
private, max-age=600
x-amzn-trace-id
Root=1-6155b8f7-2bd44f12346d637e36c1c979;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-apigw-id
GenWvEdgSQ0FTmw=
x-amz-cf-id
4qfT4F2hx89KeVj4D4iZ19Wrc3gy5ByMdbYOLdKZhOWxbUUH_aGhXw==
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 0736
2 KB
1 KB
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
459
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1anzFDrK8r4Mj%2FpN0I45d%2F9Ase6DVZrfKBO2%2Ffke1l4KXn%2Bq6z9mZUjlGkl6paMjFKcCbfHbT2hZB%2BvvMxj5Kz9QIz3lGTF44k4B96qXQR0BGeki0tGGYV%2FxRqPBUB4RYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
696dc12a0c2f412b-PRG
content-encoding
br
moat-tracker.js
player.ivideosmart.com/ivsplayer/v4/dist/assets/
1 KB
1 KB
Script
General
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/assets/moat-tracker.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
74a36b5e7aa86dea54216c82390d18b821bc597647db38a459c4c1657d4b2bd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA2-C1
X-Edge-Origin-Shield-Skipped
0
Akamai-Mon-Iucid-Del
1125181
Content-Length
787
Last-Modified
Tue, 28 Sep 2021 04:58:50 GMT
Server
AmazonS3
Connection
keep-alive
ETag
W/"e487166610c7a5ecb4bb060d5a795b49"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
WP6IuJKwe8fnSHj-rDBWbe0m_Bdsrln7iJi7IYN8jrhBCMB9sn10dA==
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
132 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a51201223a80736c5a8d9304fdcf62cc768ce3b723e973071a428b7b6598abf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35638
x-jsd-version
1.205.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
54509
etag
W/"20f97-M+c+XYnVbCtYpGgSfafxFIzo44w"
x-served-by
cache-fra19171-FRA, cache-hhn4065-HHN
x-jsd-version-type
version
date
Thu, 30 Sep 2021 13:21:28 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
vtt.min.js
cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/videojs-vtt.js@0.15.3/dist/vtt.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37fb546f8426b457a1ad6fa0f6eef42a199837d34d79cd3c4df1162c2c19abd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1806873
x-jsd-version
0.15.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7387
etag
W/"52b8-ZERYoLNRSfBtBHiszm8New/vvZs"
x-served-by
cache-fra19151-FRA, cache-hhn4065-HHN
x-jsd-version-type
version
date
Thu, 30 Sep 2021 13:21:28 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hls.js@0.12.4
cdn.jsdelivr.net/npm/
247 KB
71 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3391796
x-jsd-version
0.12.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
72089
etag
W/"3dcd4-US0fJerQjQ10uxkkIHnJSLvClac"
x-served-by
cache-fra19158-FRA, cache-hhn4065-HHN
x-jsd-version-type
version
date
Thu, 30 Sep 2021 13:21:28 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
763e9270-6319
ivxplayer.ivideosmart.com/prod/widget/
10 KB
4 KB
XHR
General
Full URL
https://ivxplayer.ivideosmart.com/prod/widget/763e9270-6319?key=d52ab655ffac53d7f87ce76e3d07f4bd&playertype=IVSN&title=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&canonicalUrl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-129.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
7b008d2a29e43c9cc4d5ae37f93af7833a1d553eefbbbbd96a03d750ea39804c

Request headers

Accept
application/json
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
x-cache
Miss from cloudfront
pragma
no-cache
access-control-allow-origin
https://tekno.kompas.com
etag
W/"2646-d/tRabRklgGF979M+mUlG2tHI5U"
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
private, no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
x-robots-tag
none
x-amz-cf-id
CqG4JQJTQSTjHoFPir4W7nS5r8WGcZ0qAS81dmsKiUa70Kz2wfwoww==
expires
0
partner
sync.search.spotxchange.com/
0
588 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=220182&sync_limit=7&gdpr=0&gdpr_consent=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 30 Sep 2021 13:21:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
99
Connection
keep-alive
Content-Length
0
truncated
/
482 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fcb57eb9682bc01ed2a77c8bffe1a5f1c5ab42a20993c4b2e9b729755e3b628

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
949 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed02212bdc9d93554d8645301fb1b7123480302e0492e770bb43c8e13e7b75b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f51166899f96e582bc10b3361c7452d1b54eb4be542b1ae61dc3c57c567c20e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
532 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e112f302dc9e0e4167ec6030a7be016734cbddf0fbcb5bad8476b5290ec39f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame EBD8
2 KB
511 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400
Requested by
Host: widget.kompas.com
URL: https://widget.kompas.com/kompasiana_widget_read/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 12:10:05 GMT
server
ESF
date
Thu, 30 Sep 2021 13:21:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 30 Sep 2021 13:21:28 GMT
logo-kompasiana.jpg
asset.kompas.com/data/2017/kompasiana_widget_read/ Frame EBD8
4 KB
5 KB
Image
General
Full URL
https://asset.kompas.com/data/2017/kompasiana_widget_read/logo-kompasiana.jpg
Requested by
Host: widget.kompas.com
URL: https://widget.kompas.com/kompasiana_widget_read/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
d23c8f350cb17509c1ef767faba637a7771d07e2b7c60b5e32a7dc17fce632a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 01:54:06 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age
905242
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
4564
last-modified
Mon, 11 Feb 2019 12:29:51 GMT
server
nginx
etag
"5fff63704bd71f8f37a94e3e02bf53d2"
access-control-allow-methods
GET, OPTION
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
Wk7SSwv18AmzVSou07wcOIzMmKecmzqnFPA7eis44N4VzqQINYoi1A==
expires
Tue, 20 Sep 2022 01:54:06 GMT
atrk.gif
certify.alexametrics.com/
43 B
585 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&time=1633008088617&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&random_number=3931343816&sess_cookie=076d9ef817c36ddf62867b361db&sess_cookie_flag=1&user_cookie=076d9ef817c36ddf62867b361db&user_cookie_flag=1&dynamic=true&domain=kompas.com&account=bUvni1a8s700gi&jsv=20130128&user_lang=en-US
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-101.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 03:30:19 GMT
Via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
35470
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
DUS51-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
ZTnGmC_YiYqqYFSTYqvIUNldH_MWKXK2vaf6vz74a8ZSG6yxSBxY3A==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.139.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-139-3.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
server
Server
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
704d1bedfca2efa710f4fe03c778def86badaf92655095aaec16a7b17146b2bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aae336abd5e6ee1d571aaea262b90f26d91e96e32ecb026127b283c48e5c4907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
IMPL-KOMPAS-KOMPAS-RESP-GENERIC.js
impulse.contextads.live/impulse3/config/kompas/kompas/
10 KB
4 KB
Script
General
Full URL
https://impulse.contextads.live/impulse3/config/kompas/kompas/IMPL-KOMPAS-KOMPAS-RESP-GENERIC.js
Requested by
Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-128.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4bb501e8d33eb452124a516e88f2d111ef8bd8fcc93cec49186c6a041e1b088

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 06:34:35 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 05:14:52 GMT
server
AmazonS3
age
24413
etag
W/"9f36e8501944950d143b9b192bb1810f"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
jcPq6VygL7s34Ld0JTQ9mxq_DhdfZr1izyLst25KVwzQU06JMyaP1w==
client
accounts.google.com/gsi/
183 KB
73 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: asset.kompas.com
URL: https://asset.kompas.com/data/2017/wp/js/onetap_signin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f13.1e100.net
Software
ESF /
Resource Hash
c9cdc6408bb334bc6a9ce525cbd281a67f2d38ed80b2417a93174a634e9364e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TMmdzvVq2WpoYP1Jkm+d9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-TMmdzvVq2WpoYP1Jkm+d9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"
expires
Thu, 30 Sep 2021 13:21:28 GMT
user
apis.kompas.com/api/activity/
86 B
1 KB
XHR
General
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-5.dus51.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
bde727653fd1cd73e3a4a3ffdc9c9cda85d50782ce9bb3dcac85e56516438eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-C1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
86
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id
Hh5ShS1ZgZAvtkJTG17mftR52ZvwdJyhIAz5d6PGuVK0jXVjZWwFWA==
expires
-1
publisher:getClientId
ampcid.google.com/v1/
3 B
482 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tekno.kompas.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
analytics.google.com/g/
0
368 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-77DJNQ0227&gtm=2oe9r0&_p=761876462&sr=1600x1200&_gaz=1&ul=en-us&cid=127167524.1633008089&_s=1&dl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&dt=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&sid=1633008088&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77DJNQ0227&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-77DJNQ0227&cid=127167524.1633008089&gtm=2oe9r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77DJNQ0227&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-77DJNQ0227&gtm=2oe9r0&_p=761876462&sr=1600x1200&ul=en-us&cid=127167524.1633008089&_s=2&dl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&dt=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&sid=1633008088&sct=1&seg=1&en=page_view&_c=1&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77DJNQ0227&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7KGEC8EBBM&gtm=2oe9r0&_p=761876462&sr=1600x1200&_gaz=1&ul=en-us&cid=127167524.1633008089&_s=1&dl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&dt=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&sid=1633008088&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KGEC8EBBM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
309 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7KGEC8EBBM&cid=127167524.1633008089&gtm=2oe9r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KGEC8EBBM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getPublisherConfig
analytics-vibe.contextads.live/inarticle/v2/
278 B
660 B
XHR
General
Full URL
https://analytics-vibe.contextads.live/inarticle/v2/getPublisherConfig?publisher_name=kompas&is_device=false
Requested by
Host: vibecdn.contextads.live
URL: https://vibecdn.contextads.live/Inarticle/iav_ia.js?publisher=kompas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-109.dus51.r.cloudfront.net
Software
nginx/1.17.10 /
Resource Hash
dfd3f2df49d146d9503ac579a2912e2dda56ffb82871e2234d4286228780f619

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
gzip
server
nginx/1.17.10
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-amz-cf-id
ahCBEriN665dlv9IVIoUFCCfBPShU8kskMs-3XOpphiduVL4ylIZvA==
via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 UTC
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame EBD8
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
86572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 13:18:36 GMT
syncframe
gum.criteo.com/ Frame E24B
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tekno.kompas.com
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=tekno.kompas.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2544
set-cookie
uid=e093ddf1-15a1-4f76-aad1-e9b5886e8001; expires=Tue, 25 Oct 2022 13:21:28 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 30 Sep 2021 13:21:28 GMT
content-length
4666
truncated
/
595 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfd8bec1c0307dee8fb9d208adab683229d71d48cf9c546dae1a312ffde440af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
rid
match.adsrvr.org/track/
109 B
543 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker_2_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
58adf5ce2ab609ac7692da19eba9cfc7de26ad88b82b3bb8eced6c238a14fb40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 30 Oct 2021 13:21:28 GMT
dac.min.js
dac.contextads.live/
5 KB
3 KB
Script
General
Full URL
https://dac.contextads.live/dac.min.js
Requested by
Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffd6323ee142840bba7354a6b6ae5979a9b0d8a5aae2224b8be4844bfcd57de3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:45:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 18:31:04 GMT
server
AmazonS3
age
84983
etag
W/"88d32490a4127ecd4d03bb7435735f92"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
o0fHhkW6tQXdAxMJgk0Es4YH7UP8sETk_L7-LpV1yyol8qTQxEfFPQ==
osm
ad.jixie.io/v2/
4 KB
2 KB
Fetch
General
Full URL
https://ad.jixie.io/v2/osm?source=osm&unit=1000008-iT3q5Ci4Ry&pageurl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&domain=tekno.kompas.com&fixedheight=400&maxwidth=546
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jxosm.1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.121.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-121-89.ap-southeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
c1c798aa2fae7dc4bc44cdd9edd966e3bf19dbe051c7a3efbba92c63e2167761

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
x-powered-by
Express
etag
51efaea0-21f1-11ec-87b1-99301481a017
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
-1
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
0
0

collect
stats.g.doubleclick.net/j/
2 B
23 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3374285-20&cid=127167524.1633008089&jid=1297424117&gjid=1387358851&_gid=1519758513.1633008089&_u=6DDAgEADQAQCAE~&z=1697257973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 30 Sep 2021 13:21:28 GMT
content-type
text/plain
access-control-allow-origin
https://tekno.kompas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
92 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-M67X3CX&t=gtm5&cid=127167524.1633008089
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
9bfa2b8cc24aa8a21d4a41f7fa53cd15b2e355d4146407217796c48910aaee33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37112
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Sep 2021 13:21:28 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=761876462&t=pageview&_s=1&dl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&ul=en-us&de=UTF-8&dt=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6DDAgEADQAQC~&jid=1297424117&gjid=1387358851&cid=127167524.1633008089&tid=UA-3374285-20&_gid=1519758513.1633008089&gtm=2wg9r0PT7PC4&cd1=Tekno&cd2=Internet&cd3=Bill%20Clinten&cd4=Reska%20K.%20Nistanto&cd5=&cd6=Standard&cd7=2021-09-30%2014%3A03%3A00&cd10=Phone%20Arena&cd11=615&cd12=Android&cd13=0&cd20=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&cd21=1688&cd22=607&cd23=2021&cd24=8&cd25=30&cd28=&cd29=&cd31=Android%2C%20Malware%2C%20GriftHorse&z=284905156
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 17:02:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73139
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=kompas.com&p=%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&u=CzSZ0fDlptbJDDad8l&d=tekno.kompas.com&g=66130&g0=Tekno%2CTekno%20-%20Internet&g1=Reska%20K.%20Nistanto&n=1&f=00001&c=0&x=0&m=0&y=12998&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1264&t=DvszOoCkljVYBiUHHfCnwTUH-cBtg&V=128&i=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&tz=0&sn=1&sv=n9ybiCDVmJZD4JUwGBlHf8qDC9pqZ&sd=1&im=061b2fff&_
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.28.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-28-94.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
user
traid.jixie.io/api/
115 B
989 B
XHR
General
Full URL
https://traid.jixie.io/api/user?info=interests-short,intends-short&idlist=bae09a2c-caaf-412a-aa09-7bfd359f3189:ttd
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker_2_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
f175f4f29a964595e5693a52ae02cbdf42928a66c35aa2418ca35fdaac90e7a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:28 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
W/"73-GVtTVMltAGF9UeBAcMcvsD3rWS8"
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
style
accounts.google.com/gsi/
658 B
437 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.Izn7dtzVzSQ.O/am=chE/d=1/rs=AF0KOtVbtTyGrisZujTx_IAac_zQe9_IaA/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f13.1e100.net
Software
ESF /
Resource Hash
bf3b24767fc257674429212a2270b44f3345e9b9006807c19b146487aa596ae5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tro3eTkDZyWrJsRgOez0wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-Tro3eTkDZyWrJsRgOez0wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"
expires
Thu, 30 Sep 2021 13:21:29 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3374285-20&cid=127167524.1633008089&jid=1297424117&_u=6DDAgEADQAQCAE~&z=899434756
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idsync
sync.aralego.com/ Frame 0736
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/27790edb-8427-3e87-8c1b-e43cb07ba4e5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-INfBIXNE2oVDyhgl57GWYNVvjmurx094ZlAArpU-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=bae09a2c-caaf-412a-aa09-7bfd359f3189
0
0

bridge3.482.0_en.html
imasdk.googleapis.com/js/core/ Frame FEAB
576 KB
189 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.482.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193423
date
Tue, 28 Sep 2021 07:35:12 GMT
expires
Wed, 28 Sep 2022 07:35:12 GMT
last-modified
Thu, 23 Sep 2021 13:33:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
193577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Sep 2021 13:21:29 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&page-ref=&cha...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&page-ref&ch...
167 B
249 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afp%3A298%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A307008219590%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A1046176129%3Arqn%3A1%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633008087634%3Ads%3A1%2C27%2C26%2C13%2C0%2C0%2C%2C1072%2C50%2C%2C%2C%2C1138%3Adsn%3A0%2C28%2C26%2C13%2C0%2C0%2C%2C1062%2C51%2C%2C%2C%2C1137%3Ati%3A2%3Ast%3A1633008089
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
4e4b39ab33a232afc6f0098e8d9c679a4fbb37a966d9cf13f3e7528ad5a328dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afp%3A298%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A307008219590%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A1046176129%3Arqn%3A1%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633008087634%3Ads%3A1%2C27%2C26%2C13%2C0%2C0%2C%2C1072%2C50%2C%2C%2C%2C1138%3Adsn%3A0%2C28%2C26%2C13%2C0%2C0%2C%2C1062%2C51%2C%2C%2C%2C1137%3Ati%3A2%3Ast%3A1633008089
strict-transport-security
max-age=31536000
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT
1
mc.yandex.ru/watch/49007009/
Redirect Chain
  • https://mc.yandex.ru/watch/49007009?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&charse...
  • https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&char...
350 B
385 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afp%3A298%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A957815708914%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A690819154%3Arqn%3A1%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633008087634%3Ads%3A1%2C27%2C26%2C13%2C0%2C0%2C%2C1072%2C50%2C%2C%2C%2C1138%3Adsn%3A0%2C28%2C26%2C13%2C0%2C0%2C%2C1062%2C51%2C%2C%2C%2C1137%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633008089%3At%3AMalware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
dd7750aa50f4c6d1c433e21b4382c3a11d47a89929e297517a96575f3bf7e6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
location
/watch/49007009/1?wmode=7&page-url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afp%3A298%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A957815708914%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A690819154%3Arqn%3A1%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633008087634%3Ads%3A1%2C27%2C26%2C13%2C0%2C0%2C%2C1072%2C50%2C%2C%2C%2C1138%3Adsn%3A0%2C28%2C26%2C13%2C0%2C0%2C%2C1062%2C51%2C%2C%2C%2C1137%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633008089%3At%3AMalware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android
strict-transport-security
max-age=31536000
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT
truncated
/
646 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d199e96a59a34886f7576a166410a0a8a8d17d1dcd900d4c3be355565f36b0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a7c0597f9deac9d1fb1fef594d0284dbcfe60462c7af1c4316a12bc96801faa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f411007a91c239980468b9c78a239e8fb25935cb39aa8ee291c9af5d9916647

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adc9653265270d5780d70626bb304f1016dc71581ac4ccac28968a76b3a0873

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
992 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35d73aa0a10654d0ccf34049448c438a47f1d29bd7e77383cbd7dc0a97cb193b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
advert.gif
mc.yandex.ru/metrika/
43 B
186 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 30 Sep 2021 14:21:29 GMT
json
gum.criteo.com/sid/ Frame E24B
433 B
527 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=kompas.com&sn=ChromeSyncframe&so=0&topUrl=tekno.kompas.com&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tekno.kompas.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
32f9195fac865181eeb0ea408c61a07b98641559aff48daf10ef40561f075357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tekno.kompas.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 30 Sep 2021 13:21:28 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3065
expires
0
blank.html
dac.contextads.live/ Frame C3E5
5 KB
3 KB
Document
General
Full URL
https://dac.contextads.live/blank.html?url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&amp=false
Requested by
Host: dac.contextads.live
URL: https://dac.contextads.live/dac.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a0b095a84e1405fd830aff4a6fc1c7e9f8634ae68f3660adc0304c8c5b3a32

Request headers

:method
GET
:authority
dac.contextads.live
:scheme
https
:path
/blank.html?url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&amp=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html
last-modified
Tue, 15 Jun 2021 18:31:04 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
date
Wed, 29 Sep 2021 23:16:03 GMT
etag
W/"11de4e828b74e76169c84d9572721885"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
CzY4Q5SeHLLWg1xJMxw0jiGeqKx5k7sObvXtA5DO_rR82trupCcY5Q==
age
50727
article.php
delivery.contextads.live/www/delivery/Outstream/delivery/
10 KB
10 KB
Script
General
Full URL
https://delivery.contextads.live/www/delivery/Outstream/delivery/article.php?zoneid=6275&cb=41576225978&charset=UTF-8&loc=https%3A//tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&display_width=1600&containerId=_forkInArticleAdContainer&product=vibe
Requested by
Host: vibecdn.contextads.live
URL: https://vibecdn.contextads.live/Inarticle/iav_ia.js?publisher=kompas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-59.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
4c28ab8dc667cf83d42a885b8a5adbff95e1d3ba47be93c7e99dd7ba87e92a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
p3p
CP="CUR ADM OUR NOR STA NID"
etag
18fbfe02d61e057e2e977d01846b64a3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
expire
Thu, 30 Sep 2021 14:21:29 GMT
x-amz-cf-id
d4hiYw63_syhIitUjdkZeVTwqfuCjyW265wna7PSOXa_GiQRNGQm6Q==
client
api-cengine.forkcdn.com/ Frame C3E5
2 KB
1 KB
XHR
General
Full URL
https://api-cengine.forkcdn.com/client?url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&device=desktop&product=audience
Requested by
Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-91.dus51.r.cloudfront.net
Software
nginx/1.17.10 / Express
Resource Hash
20e6f33cc3b17623923e9c04c0e18b781c115240a4984016eef76b4486ee56a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dac.contextads.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
etag
W/"924-Yol9rD1JqB8OMzMbFKqcRsZTM+s"
server
nginx/1.17.10
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
BBVwDIlQhRlAdRFnaRD-8BUEOK71q4C9AfFtOYWiLVZtVnwQ5VEYRw==
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
default-hotspots.js
player.ivideosmart.com/ivshotspots/js/
41 KB
11 KB
Script
General
Full URL
https://player.ivideosmart.com/ivshotspots/js/default-hotspots.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9ac442b673ba2d232f592393f82260ece7d59a4105aab8894586cfedbdb340ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
10806
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Tue, 21 Sep 2021 09:40:54 GMT
Server
AmazonS3
ETag
W/"3b1c936b69d69f0174ccc87f29308378"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
K9Vs-_-BMPZaE8Y80CC-kJLRH-DJgV6ScN3KV8mE3S7hm5rE9ezP1Q==
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/
2 KB
902 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1262838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGKUVuqyXRm%2FmBm3YGgiegPCnCuwF4%2Fa6Cn3oO2NXrfP7yo%2FWrh2%2BbhzHmPoTpIl%2FImLAiDATRhywK0BAA83KEw17P4S%2Bm3LIHYH0GXeGv0tCEKYWfocRQUXqlLy76%2FlMV78Es%2Br"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
696dc12dede496f2-FRA
expires
Tue, 20 Sep 2022 13:21:29 GMT
tiny-slider.js
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/
31 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1508512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11404
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-7bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDtb6fupEz%2BUqKmj62UDJ4pE8QR4%2FPnGUHnJsTjrnnKbGZF0gMEZywq%2FRY1I5bVgePMgsQtJBtAsKPx6Z2LQPwmtJuVR1TnLw4VFuSwTOgWJBLkltyPTYxRGhrKG%2BUWtmpq36anZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
696dc12dede596f2-FRA
expires
Tue, 20 Sep 2022 13:21:29 GMT
3000513-1759235-master.m3u8
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
300 B
848 B
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-master.m3u8?Expires=1633015289&Key-Pair-Id=K2NBAOB0YS34PG&Signature=OfulAR6J-LzAk-NG8tv9DbFRkjHxifnWRH7wRlsL9j882jti~qWRQv-~J0oaZs~K~50VH8zqc3QzuFL-yfOhmWRBoET0Cvql2bvgEMbNPqYbQw7SIe8Gm7uR4UmIqQ1RCYLMILGVAOiOfjJppQ0~WVJIienb4MfVpZSS5wCgsUY2CUtChBnsCyGa40rCWkbN2hhYvhSnYoUeBk09u4wxnddvfBco87KH2lLZYNohZ7IpwDl~h2s2CGmNQK6IxQaRktDJZstmMjstSs-1Y03hS8MEchCl2uxKmUt7l2d4U5L3dgxYEdmmqFX3A-y9DPlSsYFq-V8GZOdnyOAkdIepBQ__
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5f254bce70e103010742bc88d8176a7e19831978ed8887c8f48a4bd824cf0a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
300
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"21d962f177ab89e7f75bf29e74b86aa4"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Y0fHEaOLCAe5RqTAJ13Jn21aGqS-5blwKjnK_pb9o9cXC30HoT0PvA==
pageLoad
p-events.ivideosmart.com/prod/v1/
0
287 B
XHR
General
Full URL
https://p-events.ivideosmart.com/prod/v1/pageLoad?clientCity=Newark&clientConnType=Corporate&clientCountry=US&clientGroup=099&clientID=ab686a27-39ad-4602-ba22-ea2229f14277&clientIsp=KeepItSafe%2C%20Inc&containerID=Kompas-techno&cpID=3000513&cpName=Kompas.com&device=others&domainAppName=tekno.kompas.com&engVersion=0&eventAction=pageLoad&eventPlayhead=0&eventStarted=mute&eventTime=685&isOutstream=0&pageArticleID=2976307d2b54c167bd3205c0b6d90c66&pageID=1633008088575-1a39e8544d4f3&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.83.3&productID=763e9270-6319&productName=IVSN&referrer=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&spID=3000451&spName=Kompas.com&videoDuration=83&videoID=1759235&videoPlayedDuration=0&videoRequestId=1633008088592-89fd8188d4bac&videoTitle=Hati-hati%2C%20Ini%20Daftar%20Aplikasi%20Terinfeksi%20Virus%20Joker%20yang%20Bisa%20Sedot%20Rekening&videoType=ivideostream&__token__=st=1633008089~exp=1633015289~acl=/*~id=orvoi608n5f~hmac=71e149f46421545785b1fab22a01689dcfaee7ec2cd9b4efdc0890db67e97225
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto
http
Akamai-Mon-Iucid-Del
1190329
CDN-Origin-Protocol
HTTP
Content-Length
0
Content-Type
application/json
playerViewable
p-events.ivideosmart.com/prod/v1/
0
287 B
XHR
General
Full URL
https://p-events.ivideosmart.com/prod/v1/playerViewable?clientCity=Newark&clientConnType=Corporate&clientCountry=US&clientGroup=099&clientID=ab686a27-39ad-4602-ba22-ea2229f14277&clientIsp=KeepItSafe%2C%20Inc&containerID=Kompas-techno&cpID=3000513&cpName=Kompas.com&device=others&domainAppName=tekno.kompas.com&engVersion=0&eventAction=playerViewable&eventPlayhead=0&eventStarted=mute&eventTime=688&isOutstream=0&pageArticleID=2976307d2b54c167bd3205c0b6d90c66&pageID=1633008088575-1a39e8544d4f3&playerFlag=AD_nAndmTimePlay&playerMajorVersion=4&playerVersion=v4.83.3&productID=763e9270-6319&productName=IVSN&referrer=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&spID=3000451&spName=Kompas.com&videoDuration=83&videoID=1759235&videoPlayedDuration=0&videoRequestId=1633008088592-89fd8188d4bac&videoTitle=Hati-hati%2C%20Ini%20Daftar%20Aplikasi%20Terinfeksi%20Virus%20Joker%20yang%20Bisa%20Sedot%20Rekening&videoType=ivideostream&__token__=st=1633008089~exp=1633015289~acl=/*~id=orvoi608n5f~hmac=71e149f46421545785b1fab22a01689dcfaee7ec2cd9b4efdc0890db67e97225
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Forward-Proto
http
Akamai-Mon-Iucid-Del
1190329
CDN-Origin-Protocol
HTTP
Content-Length
0
Content-Type
application/json
truncated
/
540 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd5a327cacc6d55aaf0fbd27f6c312e0dfeac90d75c625ef085d0b7cf076886c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
748 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
935878f57587be49f9e316c6b60588818dd45b507a5882b5195c38cc52c0a5f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9412.VEk6M8NwXSzyaNiOGVF7WIVmCpgJhHmwyurliufN2Igc-_MLx1gKPN44EkqeEKzi.ME7aY_k8ksHdyZuxBGjFkozPcyc%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9412.lpO5ofy8OGUGNzu7cJ4OfmQrfEezNhmqh2pWV34ixWLU07Zc_mj_c-jofJ4MXO-OyZjZI1IB27DWbFeGuOvipfc7Wb1-OvVRPLaS7LPZ760%2C.tSGQziH0yFGb5cM95flNg_JOIp...
43 B
358 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9412.lpO5ofy8OGUGNzu7cJ4OfmQrfEezNhmqh2pWV34ixWLU07Zc_mj_c-jofJ4MXO-OyZjZI1IB27DWbFeGuOvipfc7Wb1-OvVRPLaS7LPZ760%2C.tSGQziH0yFGb5cM95flNg_JOIpw%2C
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.47.36.118 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9412.lpO5ofy8OGUGNzu7cJ4OfmQrfEezNhmqh2pWV34ixWLU07Zc_mj_c-jofJ4MXO-OyZjZI1IB27DWbFeGuOvipfc7Wb1-OvVRPLaS7LPZ760%2C.tSGQziH0yFGb5cM95flNg_JOIpw%2C
date
Thu, 30 Sep 2021 13:21:29 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/49007009/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Ftekno.kompas.com%2FpageLoad&page-ref=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A1%3Als%3A957815708914%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A899221034%3Arqn%3A2%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633008087634%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633008089%3At%3AMalware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT
1
mc.yandex.ru/watch/49007009/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49007009/1?page-url=goal%3A%2F%2Ftekno.kompas.com%2FplayerViewable&page-ref=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A4phzp5uweggzi70qc%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A1%3Als%3A957815708914%3Ahid%3A631672363%3Az%3A0%3Ai%3A20210930132129%3Aet%3A1633008089%3Ac%3A1%3Arn%3A434253871%3Arqn%3A3%3Au%3A1633008089875756401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633008087634%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633008089%3At%3AMalware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
last-modified
Thu, 30-Sep-2021 13:21:29 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://tekno.kompas.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 30-Sep-2021 13:21:29 GMT
rtb_ajs.php
delivery.contextads.live/www/delivery/rtb/
9 KB
10 KB
Script
General
Full URL
https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=518&cb=33968539153&charset=UTF-8&loc=https%3A//tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&containerId=impulseadcontainer&product=impulse
Requested by
Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-59.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
a07991e85e7815bf5ffc703781daede8f6748335031e3ce419799942b38001f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
p3p
CP="CUR ADM OUR NOR STA NID"
etag
18fbfe02d61e057e2e977d01846b64a3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
expire
Thu, 30 Sep 2021 14:21:29 GMT
x-amz-cf-id
6l_4u3-bjlBMjzRSP0MzGpqy3k32FCcR3-H_6l3UYH1GO5Q7efXbGA==
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 11:58:50 GMT
server
ESF
date
Thu, 30 Sep 2021 13:21:29 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 30 Sep 2021 13:21:29 GMT
css
fonts.googleapis.com/
3 KB
623 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 11:58:06 GMT
server
ESF
date
Thu, 30 Sep 2021 13:21:29 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 30 Sep 2021 13:21:29 GMT
native-loader.js
video.unrulymedia.com/native/ Frame 235E
9 KB
4 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34c35a7c463e757c7b517a0c144da5ff0bab882f7eef4db3b79391a7e53f9884

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:13:14 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 09:01:46 GMT
server
AmazonS3
age
496
etag
W/"c1cb67f5178d80bdd444baa4dd06c071"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control
max-age=600
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
fix8bmUPaj-OqxGF37EuGWHStJB14ZKlOOZKlfObnRxtp4kWfV6RiA==
ad
traid.jixie.io/sync/
0
0
Fetch
General
Full URL
https://traid.jixie.io/sync/ad?jxlb=1&cid=1005&cpid=287&source=osm&adtype=osm&engine=std.2.720&client_id=51efaea0-21f1-11ec-87b1-99301481a017&offerid=na&unit=1000008-iT3q5Ci4Ry&pageurl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&domain=tekno.kompas.com&sid=1633008088-51efaea0-21f1-11ec-87b1-99301481a017&device=desktop&sessionts=1633008089299&jxub=2&jxtok=3040021e0505af6baec6db5ae68d4b54caf0803e331cb8f179063e3b19a577c7090b021e0fd20b44be082637abc2640e497e886cdec7ebabafbe593279e048a8f271&action=response&stackidx=0&stackdepth=4&vers=v2.1&msoffset0=550&msoffset1=9
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jxosm.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tekno.kompas.com
Date
Thu, 30 Sep 2021 13:21:29 GMT
Cache-Control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
gethotspotsjson
a.ivstracker.net/prod/
113 B
470 B
XHR
General
Full URL
https://a.ivstracker.net/prod/gethotspotsjson?device=desktop&cpid=3000513&spid=3000451&videoid=1759235&clientid=ab686a27-39ad-4602-ba22-ea2229f14277&bucket=014&iabcategoryid=12&country=US&isp=KeepItSafe%2C%20Inc&brand=Other&os=Windows&domain=tekno.kompas.com&pageurl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&widgetid=763e9270-6319&playlistid=2478&playertype=IVSN&iabcategory=News%20and%20Politics
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-99.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
cc8677fc071a55c236b392ed4d3b52b9cd019c2f2bf7ce27e74538fe408dad9b

Request headers

Accept
application/json
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
etag
W/"71-3F8A7RjG40Ozuxt1hUgbxKynkPE"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tekno.kompas.com
access-control-allow-credentials
true
content-length
113
x-amz-cf-id
AWq-Dl4Vr7sgddLNbX9mdIOkb3WT9QfCOzG-BTcQSC1lNjWGn9DoTw==
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:35:54 GMT
x-content-type-options
nosniff
age
74735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:35:54 GMT
1759235
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1759235?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
546299ba5db3e5230b97bc5f19132f8b16460c6f74090f1c19df1fe8f0b6e710

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2804
1782625
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1782625?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
19294bb2b8f1cf4f27e0d5b312d37e70903e3321810d9f68f7fd8c25a44e4d14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2652
1711651
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1711651?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9a2b303ba37286cf5782c3dbcf6e2d9a45ceb0b2d6e6459c7430a2cb6e584bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2900
1726283
ivx-image.ivideosmart.com/serve/image/video/
2 KB
2 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1726283?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7e3dca5b0a664e47e47eaf1ca740768b82926d0c98370b43a09349f4bc443641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2119
1684230
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1684230?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6ef8a3b3e5c0cfd3627c0775919eff6d31ad22ee5e441b086be1820859c80c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
3249
1676966
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1676966?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fd0a0f7f3fb429f9c99a2566590e18ab599b6af4e14c1ed20c926d21d989db84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2720
1673525
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1673525?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e0f8924bf913c5fb02d60cea21d6be6b17117c1ccd770ea2b9736665148fb931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2889
1666458
ivx-image.ivideosmart.com/serve/image/video/
3 KB
3 KB
Image
General
Full URL
https://ivx-image.ivideosmart.com/serve/image/video/1666458?width=110
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-19.deploy.static.akamaitechnologies.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
689ef583803c0223d89b0658bfa9b882739bbb3d557167d36934618006cf357e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Akamai-Mon-Iucid-Del
1141586
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
2902
ping
audience.contextads.live/ Frame C3E5
0
0

systemSkin.json
video.unrulymedia.com/system-skin/ Frame 235E
167 B
765 B
Fetch
General
Full URL
https://video.unrulymedia.com/system-skin/systemSkin.json
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c0c2dfbd850be72ff00c5f4224808fd6e7ecefe530d3fdd72609c9fe12d58dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:55:19 GMT
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
69971
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
167
x-amz-expiration
expiry-date="Mon, 24 Apr 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Sun, 25 Apr 2021 09:19:13 GMT
server
AmazonS3
etag
"3064577a4cc523eced224b4a1d3d20e4"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
kSXh8UIV30t4g5EsuU9ymC5bVqg9cAXLtzvi8LkMFldjOoqkk7humw==
et_v1.0.1725-0-g1e62d93.js
video.unrulymedia.com/native/ Frame C0F3
2 KB
2 KB
Script
General
Full URL
https://video.unrulymedia.com/native/et_v1.0.1725-0-g1e62d93.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2446608ca2ed548412f271011fdbd5211d2185d36c9cbda317b0ef910ed8130

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:47 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
101143
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://tekno.kompas.com
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 09:01:40 GMT
server
AmazonS3
etag
W/"3f6c45d3617c6ac7973a1c388ed104c7"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GA9QeGog_tJcAm6zCdu52aKyIpr1xQ_WIIo04nQ-h4kE77qaS4EGBA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame C0F3
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 29 Sep 2022 19:09:05 GMT
img
rx-stats3.unrulymedia.com/trackedevent/ Frame 235E
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=17c36ddf99b22b0c4d7c164&clientver=v1.0.1725-0-g1e62d93&siteid=218003&iframe=true&compat=BackCompat&pageloadid=17c36ddf99b9de33a32a9e&cb=1633008089499&siteenv=html&doc_type=outstream_pread_event
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
/
c.mgid.com/pv/
0
280 B
Script
General
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1633008089511674637606&ogtitle=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&uniqId=17997&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&lu=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&sessionId=6155b9da-06c1b&pageView=1&pvid=17c36ddf9a7af911f04&site=525060&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/o/kompas.com.984609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
696dc12fec5e1786-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
HIT
age
3499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
696dc12fdc481786-FRA
expires
Fri, 01 Oct 2021 13:21:29 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
904 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
HIT
age
5351
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
696dc12fdc471786-FRA
expires
Fri, 01 Oct 2021 13:21:29 GMT
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tekno.kompas.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
360 KB
42 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97063815016700&correlator=1568319026389247&output=ldjh&impl=fifs&eid=31062913%2C44749396%2C31061165%2C44748553&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20210930&iu_parts=31800665%2CKOMPAS.COM%2Ctekno&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x600%2C300x250%2C300x250%2C300x250%2C160x600%7C120x600%7C100x650%7C100x550%2C160x600%7C120x600%7C100x650%7C100x550%2C468x60%7C1100x50%2C1x1%2C1x1%2C120x600%7C160x600%2C1x1&ists=13&prev_scp=Pos%3DTop_1%7CPos%3DGiant%26hb_format_r2b2%3Dbanner%26hb_source_r2b2%3Dclient%26hb_size_r2b2%3D300x600%26hb_pb_r2b2%3D0.09%26hb_adid_r2b2%3D69f214c3ef84b0f%26hb_bidder_r2b2%3Dr2b2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.09%26hb_adid%3D69f214c3ef84b0f%26hb_bidder%3Dr2b2%7CPos%3DRight_3%7CPos%3DRight_4%26hb_format_r2b2%3Dbanner%26hb_source_r2b2%3Dclient%26hb_size_r2b2%3D300x250%26hb_pb_r2b2%3D0.00%26hb_adid_r2b2%3D718fc014b82e98b%26hb_bidder_r2b2%3Dr2b2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D718fc014b82e98b%26hb_bidder%3Dr2b2%7CPos%3DRight_5%7CPos%3DSkin_Left%7CPos%3DSkin_Right%7CPos%3DHorizontal_Ad%7CPos%3DOverlay%7Cpos%3Dadbro%7CPos%3DSkyscraper%7CPos%3Dnative_banner_article&eri=1&cust_params=currentUrl%3D2021%252F09%252F30%252F14030047%26page%3Dpage_1%26safe_branding%3Dyes%26keyword_targetting1%3Dno%26keyword_targetting2%3Dyes%26keyword_targetting3%3Dno%26keyword_targetting4%3Dno%26keyword_targetting5%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1633008089&dt=1633008089631&dlt=1633008087692&idt=786&frm=20&biw=1600&bih=1200&oid=3&adxs=265%2C1035%2C1035%2C1035%2C1035%2C90%2C1350%2C250%2C265%2C265%2C265%2C444&adys=170%2C856%2C1476%2C3087%2C7134%2C165%2C165%2C1140%2C1497%2C1497%2C1497%2C7338&adks=1577573204%2C1671940736%2C2432952897%2C2432952896%2C2432952899%2C2531470432%2C1423836790%2C1365487711%2C2013372645%2C755128128%2C3451396596%2C2613528853&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1070x90%7C300x600%7C300x0%7C300x250%7C300x250%7C160x-1%7C160x-1%7C1100x-1%7C740x0%7C740x0%7C160x600%7C545x349&msz=1070x90%7C300x0%7C300x0%7C300x250%7C300x0%7C160x-1%7C160x-1%7C1100x-1%7C740x0%7C0x0%7C160x0%7C545x349&ga_vid=127167524.1633008089&ga_sid=1633008090&ga_hid=761876462&ga_fc=false&fws=512%2C0%2C512%2C512%2C0%2C512%2C512%2C512%2C0%2C128%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C0%7C0%7C4%7C5%7C6%7C7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGJb097bDL0UAAAAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8b46d44842cf517032986a3dcc7a9dc9154d7b1fb9affdb9760ed99426409bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42822
x-xss-protection
0
google-lineitem-id
-1,5693104272,-1,-1,5797809745,-1,-1,-1,-2,-2,-1,5793415586
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138350040451,-1,-1,138365494981,-1,-1,-1,-2,-2,-1,138364722208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tekno.kompas.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
73ae37e6e4e5fb7ba045ed67bd523685.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9065
6 KB
4 KB
Document
General
Full URL
https://73ae37e6e4e5fb7ba045ed67bd523685.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
73ae37e6e4e5fb7ba045ed67bd523685.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 30 Sep 2021 13:21:29 GMT
expires
Fri, 30 Sep 2022 13:21:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/
85 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/jixie/prebid-unified.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Oct 2021 13:21:29 GMT
native_v1.0.1725-0-g1e62d93.js
video.unrulymedia.com/native/ Frame C0F3
72 KB
20 KB
Script
General
Full URL
https://video.unrulymedia.com/native/native_v1.0.1725-0-g1e62d93.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88edc1e10ddd7fc9baf2a95fb59c505c092b11d8b4a80d60a1da48d2d4ab44df

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:13:16 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
97694
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://tekno.kompas.com
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 09:01:38 GMT
server
AmazonS3
etag
W/"f499cc2bb3db1a4ebd6d38e13f7e4ff8"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
26grkOYZ6XBzNeInE9UBVXFZudm4b8xWaF99EaeH5prxShNwXEY-Xg==
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=native_ad_load&videoplcmt=%5B%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008089698
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
prod
traid.jixie.io/sync/
180 B
730 B
XHR
General
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker_2_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
3d2e61952526799072f16af89e0e55c8c3469bbf714a67f81c5608046b9d64c8

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
51efaea0-21f1-11ec-87b1-99301481a017
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tekno.kompas.com
Cache-Control
private
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
prod
traid.jixie.io/sync/ Frame
0
0
Preflight
General
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Server
20.44.221.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tekno.kompas.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
Access-Control-Allow-Origin
https://tekno.kompas.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
Date
Thu, 30 Sep 2021 13:21:29 GMT
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=consent&videoplcmt=%5B%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008089720&message=could%20not%20find%20__cmp%20function%20on%20any%20window
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
skin-218003.json
video.unrulymedia.com/native/skins/ Frame C0F3
351 B
970 B
XHR
General
Full URL
https://video.unrulymedia.com/native/skins/skin-218003.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c803e2bae8d7a465b1ec00989ea29249bc504923c0177184bb986384ff76c78

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:20:12 GMT
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
78
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
351
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 16:08:21 GMT
server
AmazonS3
etag
"24719ad01bc31cd41fdfec83366caf04"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
LYxGXHELlNxIf6NaUoIWI_UyP5zrL2_8JpUWVyXUxlyoRjzUveAYhw==
publishertag.prebid.js
static.criteo.net/js/ld/
85 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Oct 2021 13:21:29 GMT
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame D3F6
466 B
906 B
Document
General
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1725-0-g1e62d93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e33cdf5dc33fbd4a80842c8f8e6b4063cb27b96aee599eab1e6af877145c439f

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tekno.kompas.com/
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html
content-length
466
last-modified
Wed, 29 Sep 2021 09:01:50 GMT
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges
bytes
server
AmazonS3
x-edge-origin-shield-skipped
0
date
Thu, 30 Sep 2021 13:12:40 GMT
cache-control
max-age=600
etag
"cb50bfe65a22d3d2af6679ae4cdcdda8"
x-cache
Hit from cloudfront
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
THda-An4_dUN_DRSJURiQlDssyRpfSLWxLrdxoMHtejuzfj8dlTJXA==
age
530
chunk-vendors~populatePlacement-d02d608675ced91bf1ba.js
video.unrulymedia.com/native/chunks/ Frame C0F3
110 KB
30 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-d02d608675ced91bf1ba.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1725-0-g1e62d93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47f7131982b58fb51a7638e4c6760f62bd4e56b150219fb22b53e1eba3f5ad57

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:21:00 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
136830
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://tekno.kompas.com
x-amz-expiration
expiry-date="Mon, 18 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Sun, 19 Sep 2021 11:05:14 GMT
server
AmazonS3
etag
W/"75b5671816d798c23cebd037020af705"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
vzQMkneUCNDHNFc4cISNXj8bZM9pglYg2UcwhjMNXaNM1MuCmTS6EA==
chunk-populatePlacement-5193e20fee006145f826.js
video.unrulymedia.com/native/chunks/ Frame C0F3
81 KB
22 KB
Script
General
Full URL
https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-5193e20fee006145f826.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1725-0-g1e62d93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23b5f2339229170825c24ca6ea57b391482c70067f248e3dc6050a0ad3ee153e

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:31:38 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
956992
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://tekno.kompas.com
x-amz-expiration
expiry-date="Mon, 18 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Sun, 19 Sep 2021 11:05:14 GMT
server
AmazonS3
etag
W/"fe3522f5ec15d732ec1a268d16d51b6d"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
SaJneIHmh3NwftqNzz8dXEAPx8QJnBNYpIPhkm33vi5MdUl_jj6F1w==
et_v1.0.1725-0-g1e62d93.js
video.unrulymedia.com/native/ Frame D3F6
2 KB
2 KB
Script
General
Full URL
https://video.unrulymedia.com/native/et_v1.0.1725-0-g1e62d93.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2446608ca2ed548412f271011fdbd5211d2185d36c9cbda317b0ef910ed8130

Request headers

Referer
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Origin
https://video.unrulymedia.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:01:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
101980
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://video.unrulymedia.com
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 09:01:40 GMT
server
AmazonS3
etag
W/"3f6c45d3617c6ac7973a1c388ed104c7"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7_cBBRuBgy3a09NSQeCehR9oJO1z-1PxEQnb1VBpZiWRc_VqonkHZg==
third-party-iframes-bda0282444a5441f0cba.js
video.unrulymedia.com/native/third-party-iframes/ Frame D3F6
8 KB
4 KB
Script
General
Full URL
https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-199.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57f6b0bb65baf25c69bf98cdc5c1f8382c82d7be86c96498a1d061343a68324a

Request headers

Referer
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Origin
https://video.unrulymedia.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:01:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
101980
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://video.unrulymedia.com
x-amz-expiration
expiry-date="Thu, 28 Sep 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 29 Sep 2021 09:01:48 GMT
server
AmazonS3
etag
W/"d178cf080841fcda75075079a8c79709"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wfjlj3Zz5ttdKVZHpgbjqb_sKzBhFf_LGswGztJ2i-nazTwMIq0sMw==
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcallsession&page=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&domain=tekno.kompas.com&videoplcmt=%5B3%2C5%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&perfskinstart=1633008089722&perfskinend=1633008089761&perfadagestart=1633008089811&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008089812&systemskinversion=v0.1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcall&page=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&domain=tekno.kompas.com&videoplcmt=%5B3%2C5%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&perfskinstart=1633008089722&perfskinend=1633008089761&perfadagestart=1633008089811&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008089812&adcallattempt=0&systemskinversion=v0.1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
2.2
rx.targeting.unrulymedia.com/openrtb/ Frame C0F3
0
0
Fetch
General
Full URL
https://rx.targeting.unrulymedia.com/openrtb/2.2?uuid=218003&site.page=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&site.domain=tekno.kompas.com&video_width=545&video_height=306&allowDisplay=true&imp%5B0%5D.placement=3&imp%5B1%5D.placement=5&unr.site.env=html&h=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-5193e20fee006145f826.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://tekno.kompas.com
pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
checkp
usermatch.targeting.unrulymedia.com/usermatch/all/ Frame D3F6
589 B
679 B
Script
General
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/all/checkp?siteId=218003&callback=checkpCallback
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-length
589
content-type
text/javascript
1
servicer.mgid.com/984609/
6 KB
3 KB
Script
General
Full URL
https://servicer.mgid.com/984609/1?pv=5&cbuster=1633008089879802553792&ogtitle=Malware%20Penyedot%20Pulsa%20Bersembunyi%20di%20Lebih%20dari%20200%20Aplikasi%20Android&uniqId=17997&niet=4g&nisd=false&jsv=es6&w=740&h=472&cols=3&ref=&cxurl=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&lu=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&sessionId=6155b9da-06c1b&pageView=1&pvid=17c36ddf9a7af911f04&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/o/kompas.com.984609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c84edcd5fc12b6afb5cf52f31d29890da0b581e0364a8ea00a024936540b07f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
696dc131ef1f1786-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=error_no_ads&videoplcmt=%5B%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&perfskinstart=1633008089722&perfskinend=1633008089761&perfadagestart=1633008089811&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008089882&adcallattempt=0&systemskinversion=v0.1&message=Empty%20VAST%20Response
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
bidswitch
event.clientgear.com/cookie/ Frame 63DC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=unrulyx&siteId=218003
  • https://x.bidswitch.net/ul_cb/sync?ssp=unrulyx&siteId=218003
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=unrulyx&bsw_custom_parameter=a7f8a09b-5362-4b3a-a020-813a3e5c17a1
0
0

RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003
sync.targeting.unrulymedia.com/csync/ Frame 351C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D&siteId=218003
  • https://usermatch.targeting.unrulymedia.com/usermatch/loopme/e3d3a84a-38a2-4d1f-b3cc-bda396505603?siteId=218003
  • https://sync.1rx.io/usersync/loopme/e3d3a84a-38a2-4d1f-b3cc-bda396505603?siteId=218003
  • https://sync.1rx.io/usersync/loopme/e3d3a84a-38a2-4d1f-b3cc-bda396505603?zcc=1&dspret=0&cb=1633008089980
  • https://sync.targeting.unrulymedia.com/csync/RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:29 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-aa3f41bd-fc9e-4f55-ae66-2d8fb44b3bf5-003
RX-81358636-835f-448a-81c1-8c6c86b83b02-003
sync.targeting.unrulymedia.com/csync/ Frame F7ED
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D&siteId=218003
  • https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/809b5827ed6b4da38e2a63d6e733fe2e
  • https://sync.1rx.io/usersync/crimtan/809b5827ed6b4da38e2a63d6e733fe2e
  • https://sync.1rx.io/usersync/crimtan/809b5827ed6b4da38e2a63d6e733fe2e?zcc=1&dspret=0&cb=1633008089988
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-81358636-835f-448a-81c1-8c6c86b83b02-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
sync.targeting.unrulymedia.com/csync/ Frame 73B7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID
  • https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/2233821730145653958
  • https://sync.1rx.io/usersync/appnexus/2233821730145653958
  • https://sync.1rx.io/usersync/appnexus/2233821730145653958?zcc=1&dspret=0&cb=1633008089977
  • https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:29 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
sync.targeting.unrulymedia.com/csync/ Frame D043
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D&siteId=218003
  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/2acc6155-b9d9-4f00-8b82-54efb9736122
  • https://sync.1rx.io/usersync/mediamathtest/2acc6155-b9d9-4f00-8b82-54efb9736122
  • https://sync.1rx.io/usersync/mediamathtest/2acc6155-b9d9-4f00-8b82-54efb9736122?zcc=1&dspret=0&cb=1633008089978
  • https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:29 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
RX-81358636-835f-448a-81c1-8c6c86b83b02-003
sync.targeting.unrulymedia.com/csync/ Frame 5245
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=218003
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=218003&_test=YVW52QAFhMYMRQAT
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YVW52QAFhMYMRQAT?&siteId=218003&_test=YVW52QAFhMYMRQAT
  • https://sync.1rx.io/usersync/adobe/YVW52QAFhMYMRQAT?&siteId=218003&_test=YVW52QAFhMYMRQAT
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-81358636-835f-448a-81c1-8c6c86b83b02-003%22%7D

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-81358636-835f-448a-81c1-8c6c86b83b02-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
sync.targeting.unrulymedia.com/csync/ Frame 567B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1&siteId=218003
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189
  • https://sync.1rx.io/usersync/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189
  • https://sync.1rx.io/usersync/tradedesk/bae09a2c-caaf-412a-aa09-7bfd359f3189?zcc=1&dspret=0&cb=1633008089977
  • https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
43 B
395 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br

Response headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003%22%7D; path=/; expires=Fri, 30 Sep 2022 13:21:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 30 Sep 2021 13:21:29 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-cb4c4d3e-f95b-4bdd-b9ea-04c74c2e5791-003
usync.html
eus.rubiconproject.com/ Frame 3C7B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east&siteId=218003
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwywYaQOmrhRaqUZrmDgY/CTx+qs1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+vEKleU6LjTam3MjDFVf/xlH9h; khaos=KU6YUP40-6-G6FO; audit=1|hLZGFuTafB1BGyzd/CMDhmGIDTCkJYdp0FBmQRW9tlfuuMRmhIiy9fHCWzqrdwtzLmDXqqdEClYi+YQF72mVaaHRODDcuZ6/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Sep 2021 13:21:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
Date
Thu, 30 Sep 2021 13:21:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
sync.srv.stackadapt.com/ Frame D953
0
0

/
pr-bh.ybp.yahoo.com/sync/unruly/ Frame 304F
43 B
322 B
Document
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/unruly/?siteId=218003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.246.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-246-238.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pr-bh.ybp.yahoo.com
:scheme
https
:path
/sync/unruly/?siteId=218003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
cookie
A3=d=AQABBNm5VWECELllodbBVdSSrycwAEfIVGQFEgEBAQELV2FfYQAAAAAA_SMAAA&S=AQAAAgX0jnsZH2zGJ3GiKxcgaT8

Response headers

date
Thu, 30 Sep 2021 13:21:29 GMT
content-type
image/gif
content-length
43
age
0
strict-transport-security
max-age=31536000
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
OZDgFO3iLEqe
sync.1rx.io/usersync/pulse/ Frame 34C3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25&siteId=218003
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/OZDgFO3iLEqe
  • https://sync.1rx.io/usersync/pulse/OZDgFO3iLEqe
0
0

Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 45C4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&siteId=218003
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d4a81122630c44e41e6b301c3811ce12a2661cc7f36071191486cbca3243c79

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVW52St3tjXD6w0TxlUtZwAA; CMPS=3185

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|221|5|111|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1634
Expires
Thu, 30 Sep 2021 13:21:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YVW52St3tjXD6w0TxlUtZwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Sep 2022 13:21:29 GMT CMPS=3185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Dec 2021 13:21:29 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Dec 2021 13:21:29 GMT CMRUM3=da6155b9d92760&276155b9d90b40&056155b9d905a0&6f6155b9d905a0&dd6155b9d92760&e66155b9d92760&f16155b9d905a0&2d6155b9d905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Sep 2022 13:21:29 GMT CMST=YVW52WFVudkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 01 Oct 2021 13:21:29 GMT

Redirect headers

Server
Apache
Content-Length
342
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 30 Sep 2021 13:21:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YVW52St3tjXD6w0TxlUtZwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Sep 2022 13:21:29 GMT CMPS=3185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Dec 2021 13:21:29 GMT
unr
match.prod.bidr.io/cookie-sync/ Frame 7910
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=218003
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=218003&_bee_ppp=1
20 B
596 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/unr?siteId=218003&_bee_ppp=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bda0282444a5441f0cba.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.68.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-68-151.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Cookie
checkForPermission=ok

Response headers

content-type
text/plain
Date
Thu, 30 Sep 2021 13:21:30 GMT
Server
nginx
set-cookie
bito=AACkbU7Cq3QAABxUOhtpMQ; Domain=bidr.io; expires=Sun, 30 Oct 2022 09:21:30 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Sun, 30 Oct 2022 09:21:30 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
20
Connection
keep-alive

Redirect headers

Date
Thu, 30 Sep 2021 13:21:30 GMT
location
https://match.prod.bidr.io/cookie-sync/unr?siteId=218003&_bee_ppp=1
Server
nginx
set-cookie
checkForPermission=ok; Domain=bidr.io; expires=Thu, 30 Sep 2021 13:31:30 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
GMxh2kzEMNYDmGHfTZx5ihvFYtkDmDWJTZs2YQ-q
sync.1rx.io/usersync/quantcast/ Frame D3F6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=218003
  • https://sync.1rx.io/usersync/quantcast/GMxh2kzEMNYDmGHfTZx5ihvFYtkDmDWJTZs2YQ-q?gdpr=1
0
107 B
Image
General
Full URL
https://sync.1rx.io/usersync/quantcast/GMxh2kzEMNYDmGHfTZx5ihvFYtkDmDWJTZs2YQ-q?gdpr=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.1rx.io/usersync/quantcast/GMxh2kzEMNYDmGHfTZx5ihvFYtkDmDWJTZs2YQ-q?gdpr=1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
RX-81358636-835f-448a-81c1-8c6c86b83b02-003
sync.targeting.unrulymedia.com/csync/ Frame D3F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc&siteId=218003
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm=&google_sc=&siteId=218003&google_tc=
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?siteId=218003&google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?siteId=218003&google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEC9GcP1o-IZiZUe7rW0BKlU?zcc=1&dspret=0&cb=1633008089978
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
43 B
395 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1725-0-g1e62d93&siteId=218003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
ivs-open-sans.css
player.ivideosmart.com/ivshotspots/fonts/
20 KB
2 KB
Stylesheet
General
Full URL
https://player.ivideosmart.com/ivshotspots/fonts/ivs-open-sans.css
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.51.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-51-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64e277a8a009d28ecfa2f584646e8eea8efac99bd5dc4c9fc2eb9b07179dcf46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
FRA56-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
1075
Last-Modified
Tue, 27 Oct 2020 03:05:44 GMT
Server
AmazonS3
ETag
W/"29fa8d2441d3dca93c4bb5e22a04dafc"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=691200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
DumvrDyhv5KFqRtG7Xqw2KpVG1CvmockfqWMbEg8J-QyEzosvSAMEw==
3000513-1759235-240-180.m3u8
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
1 KB
2 KB
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-240-180.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01a72bbe3ee22c968201e2ddee119be5cc862c314cc6d473869c33e11cdd3f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:31 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
1138
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"c3542d6523234ce9ceb6ddece55d4064"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
aNenSCRBvOEpDJ0PZS_Fb1GYhFKeS69wjBGI2pP8XVTDmLpnEPc8mQ==
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcall&page=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&domain=tekno.kompas.com&videoplcmt=%5B3%2C5%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&perfskinstart=1633008089722&perfskinend=1633008089761&perfadagestart=1633008089811&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008090065&adcallattempt=1&systemskinversion=v0.1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
2.2
rx.targeting.unrulymedia.com/openrtb/ Frame C0F3
0
0
Fetch
General
Full URL
https://rx.targeting.unrulymedia.com/openrtb/2.2?uuid=218003&site.page=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&site.domain=tekno.kompas.com&video_width=545&video_height=306&allowDisplay=true&imp%5B0%5D.placement=3&imp%5B1%5D.placement=5&unr.site.env=html&h=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-5193e20fee006145f826.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://tekno.kompas.com
pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzLy0yVkREZ2RVTjFlR0VueHhTV0dfcmMyS1Zubz0vMHgyMDQ6NTMxeDU1OC83ODB4MzkwL2ZpbHRlcnM6d2F0ZXJtYXJrKGRhdGEvcGhvdG8vMjAyMC8wMy8xMC81ZTY3NzVkOTQzZWViLnBuZywwLC0wLDEpL...
s-img.mgid.com/l/467705/492x277/-/
12 KB
13 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzLy0yVkREZ2RVTjFlR0VueHhTV0dfcmMyS1Zubz0vMHgyMDQ6NTMxeDU1OC83ODB4MzkwL2ZpbHRlcnM6d2F0ZXJtYXJrKGRhdGEvcGhvdG8vMjAyMC8wMy8xMC81ZTY3NzVkOTQzZWViLnBuZywwLC0wLDEpL2RhdGEvcGhvdG8vMjAyMS8wOS8zMC82MTU1YjBlMzljZDU0LnBuZw.webp?v=1633008089-kfyzP94h02ZFXyCbLJEguJQdnDUsT2-IoTDhUwlqOjc
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04742c6d2251a10e3243fc3d0c136be7ed4ef2456531b89459c1f815a09dd51b

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 12:51:43 GMT
x-mg-request-uuid
9fb61479-431d-48d8-9c32-c85d0cd98557
age
1260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389e31f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12556
server
cloudflare
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL0xEU2lIMncyMGlucy1mYWVpb2hCbTAzSEJBQT0vMHgzNDA6MTA4MHgxMDYwLzc4MHgzOTAvZGF0YS9waG90by8yMDIxLzA5LzMwLzYxNTU3NzczMDYxM2YuanBn.webp
s-img.mgid.com/l/467705/492x277/-/
15 KB
15 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL0xEU2lIMncyMGlucy1mYWVpb2hCbTAzSEJBQT0vMHgzNDA6MTA4MHgxMDYwLzc4MHgzOTAvZGF0YS9waG90by8yMDIxLzA5LzMwLzYxNTU3NzczMDYxM2YuanBn.webp?v=1633008089-7OhH2_G7VTMHRaSGE9xZIW5eNzX1EXKDv_akYyUWTjM
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28400a32c0bd7b3693dc877755c76c604612f703870ddda10db07e19fcdcff74

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 13:10:13 GMT
x-mg-request-uuid
262048b4-9f36-49a3-8c78-eded9c738e56
age
670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389e61f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15246
server
cloudflare
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL3lpdEg1V0FVRC14MFJuT0t5X2JKalBNc2Ftbz0vMHgwOjEwODB4NzIwLzc4MHgzOTAvZmlsdGVyczp3YXRlcm1hcmsoZGF0YS9waG90by8yMDIwLzAzLzEwLzVlNjc3NWM2MjVjOTQucG5nLDAsLTAsMSkvZ...
s-img.mgid.com/l/467705/492x277/-/
17 KB
17 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL3lpdEg1V0FVRC14MFJuT0t5X2JKalBNc2Ftbz0vMHgwOjEwODB4NzIwLzc4MHgzOTAvZmlsdGVyczp3YXRlcm1hcmsoZGF0YS9waG90by8yMDIwLzAzLzEwLzVlNjc3NWM2MjVjOTQucG5nLDAsLTAsMSkvZGF0YS9waG90by8yMDIxLzA5LzIwLzYxNDdkNDJkYzg3NzkuanBn.webp?v=1633008089-QuYs0RVq6_ZO5WcnXjS8yPHcMwrUKOxTiLEkAG-Ft2A
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500e0fda37439fc5bd962e446f5c231ab2319e4fd753415b50a1a2edcc4fa795

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 00:06:31 GMT
x-mg-request-uuid
74f95723-fb5e-466c-ba55-d24dcf1d10d2
age
47309
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389e71f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17028
server
cloudflare
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL3BnZWhmbVJaajdwYURQUmlkWGxuOEg1Z2h5MD0vMHg3NTk6MTI4MHgxNjEyLzc4MHgzOTAvZGF0YS9waG90by8yMDIxLzAzLzExLzYwNDkwNDE5YTY5MjcuanBn.webp
s-img.mgid.com/l/467705/492x277/-/
32 KB
32 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL3BnZWhmbVJaajdwYURQUmlkWGxuOEg1Z2h5MD0vMHg3NTk6MTI4MHgxNjEyLzc4MHgzOTAvZGF0YS9waG90by8yMDIxLzAzLzExLzYwNDkwNDE5YTY5MjcuanBn.webp?v=1633008089-7P5mbGJAjSbrjEMrsN1MQkw6y2hBbQuxiJy7F9p7Jms
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e60c58d2f92cefbc3bdb05df9d7d044e8decbf70318969e9456b52db6990aa1

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 13:05:27 GMT
x-mg-request-uuid
e5bb2bed-2ea5-4e58-ab02-2ac4e5d398fb
age
670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389e91f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32280
server
cloudflare
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL0d2b0RtQ3lQVnpVZFBRYjFWakdYNXZiUTBSMD0vMHgwOjEyODB4ODUzLzc4MHgzOTAvZmlsdGVyczp3YXRlcm1hcmsoZGF0YS9waG90by8yMDIwLzAzLzEwLzVlNjc3NWNjY2VmZjAucG5nLDAsLTAsMSkvZ...
s-img.mgid.com/l/467705/492x277/-/
18 KB
18 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL0d2b0RtQ3lQVnpVZFBRYjFWakdYNXZiUTBSMD0vMHgwOjEyODB4ODUzLzc4MHgzOTAvZmlsdGVyczp3YXRlcm1hcmsoZGF0YS9waG90by8yMDIwLzAzLzEwLzVlNjc3NWNjY2VmZjAucG5nLDAsLTAsMSkvZGF0YS9waG90by8yMDIxLzAzLzAzLzYwM2YyZDFlMGVhNzQuanBlZw.webp?v=1633008089-RkNhGeVGkUtlP4b8waoCVU0r3x9w7JCRzUO9wInhRjo
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e46ef65ce7e197a0ed133a7f1df17656a3ef4e38f172b47e9e9e8dba9acb95

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 13:10:20 GMT
x-mg-request-uuid
13451cf5-f1e9-4c8e-b821-7428c4f979a9
age
670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389f41f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18048
server
cloudflare
aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL2gzNVRRdDZwbUZpaVIzMXZKNXE5bXBST0h1dz0vMHgxMTYwOjQwMDB4MzgyNy83ODB4MzkwL2ZpbHRlcnM6d2F0ZXJtYXJrKGRhdGEvcGhvdG8vMjAyMC8wMy8xMC81ZTY3NzVjNjI1Yzk0LnBuZywwLC0wL...
s-img.mgid.com/l/467705/492x277/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.mgid.com/l/467705/492x277/-/aHR0cHM6Ly9hc3NldC5rb21wYXMuY29tL2Nyb3BzL2gzNVRRdDZwbUZpaVIzMXZKNXE5bXBST0h1dz0vMHgxMTYwOjQwMDB4MzgyNy83ODB4MzkwL2ZpbHRlcnM6d2F0ZXJtYXJrKGRhdGEvcGhvdG8vMjAyMC8wMy8xMC81ZTY3NzVjNjI1Yzk0LnBuZywwLC0wLDEpL2RhdGEvcGhvdG8vMjAyMS8wOS8zMC82MTU1YWNjNDRiYjdjLmpwZw.webp?v=1633008089-LrgdLnwC38Dokn9vkX-Rzs8qG1_EeH_uXfv-r3gqzio
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94ed744ff96802ef1b8a72e54340bc1b9e6c93ad533ee41b296dbc1a2365ccb

Request headers

Referer
https://tekno.kompas.com/
Origin
https://tekno.kompas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 13:12:44 GMT
x-mg-request-uuid
9ff09d41-5f7a-4fa8-bcdb-13d9f1792ef7
age
36
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
696dc13389f51f3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9114
server
cloudflare
img
rx-stats3.unrulymedia.com/trackedevent/ Frame C0F3
43 B
225 B
Image
General
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=error_no_ads&videoplcmt=%5B%5D&siteid=218003&devicetype=desktop&pageloadid=17c36ddf99b9de33a32a9e&siteenv=html&perfconsentstart=1633008089719&perfconsentend=1633008089719&perfcorejsstart=1633008089499&perfcorejsend=1633008089719&perfskinstart=1633008089722&perfskinend=1633008089761&perfadagestart=1633008089811&doc_type=outstream_pread_event&clientver=v1.0.1725-0-g1e62d93&adslotid=17c36ddf99b22b0c4d7c164&cb=1633008090118&adcallattempt=1&systemskinversion=v0.1&message=Empty%20VAST%20Response
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
events.php
log.r2b2.io/
10 B
503 B
XHR
General
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&hbDomain=kompas.com
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
c4961f6bf7ac520c9061a0e85c6472312fbd0e7b968fe8fa994ccbc66d489bec

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:24 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:21:30 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 45C4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 45C4
0
0

crum
dsum-sec.casalemedia.com/ Frame 45C4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVW52St3tjXD6w0TxlUtZwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENK7J1AHQo8CRylqOhYanrA&google_cver=1&gdpr=1
43 B
999 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENK7J1AHQo8CRylqOhYanrA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 30 Sep 2021 13:21:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENK7J1AHQo8CRylqOhYanrA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 45C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVW52St3tjXD6w0TxlUtZwAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFUuFgV1L6a-61A1r6W3Z10&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFUuFgV1L6a-61A1r6W3Z10&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Sep 2021 13:21:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 30 Sep 2021 13:21:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFUuFgV1L6a-61A1r6W3Z10&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YVW52St3tjXD6w0TxlUtZwAA%261175
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 45C4
0
0

ix
ad4m.at/ad/sim/ Frame 45C4
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

match
c1.adform.net/serving/cookie/ Frame 45C4
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ibs:dpid=23728&dpuuid=YVW52St3tjXD6w0TxlUtZwAA%261175
dpm.demdex.net/ Frame 45C4
0
0

RX-81358636-835f-448a-81c1-8c6c86b83b02-003
sync.targeting.unrulymedia.com/csync/ Frame 45C4
Redirect Chain
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YVW52St3tjXD6w0TxlUtZwAA%261175
  • https://sync.1rx.io/usersync/index/YVW52St3tjXD6w0TxlUtZwAA&1175
  • https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
43 B
395 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=218003&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:30 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-81358636-835f-448a-81c1-8c6c86b83b02-003
pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usync.js
eus.rubiconproject.com/ Frame 3C7B
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=218003
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37301
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 23:43:11 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3C7B
0
0

i.js
cm.mgid.com/
1 KB
892 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1633008090190302161192
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/o/kompas.com.984609.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8396f4d4279ff24f30dbcede2da560d45d6b64e252fc47d540b2b861d73217

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
58628caa-7063-49b6-8b2d-8e6e66162d4c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
696dc133ca331786-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 7D98
0
0

auction
intake.pbstck.com/v1/intake/
0
65 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=d5f4b27d&tId=f592773f-0b4f-4e7c-8cef-a1ca0bc0cec6&c=9&ctr=DE
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tekno.kompas.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
696dc133f850324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
iev
csm.fr.eu.criteo.net/ Frame E24B
0
0

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109102127000/
189 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
19902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55506
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 07:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c42e3b94efe0099e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 07:49:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
19902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4995
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 07:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc03df60ee69192f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 07:49:48 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28507
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"283b6526337df106"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 07:38:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1638
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b3f838efba7b15f2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 07:38:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2e8049efde94274d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 07:38:47 GMT
truncated
/
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06f4130d9d9518e5f017a1900d39634a4c29d468b45231743048e45801f1ffaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
13832259747097196643
tpc.googlesyndication.com/daca_images/simgad/
98 KB
99 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13832259747097196643
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
d8cf1c488d62287d6350eaaa58ae805541cd1c1fc49caaa15550e6916af2375d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 08:52:06 GMT
x-content-type-options
nosniff
age
534564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100756
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 06:52:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Sep 2022 08:52:06 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Sep 2021 10:46:48 GMT
x-content-type-options
nosniff
server
cafe
age
9282
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Fri, 01 Oct 2021 10:46:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/
344 B
828 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 19:50:12 GMT
x-content-type-options
nosniff
server
cafe
age
63078
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 30 Sep 2021 19:50:12 GMT
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqM_lJqn2WLC4reOKYiEHjuHPe1CZb6yChMdx7VisJgm6vTzvhaeY1dmP656qEDOUfNf6_TAJpBa8z28tfw5qhnZYS9g
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4wW-2blVYeSGLriZrASCmaaQAsiN67Zk8uPlycIOncfrj9wmEAEgytbjH2DJBqABg7CdnwLIAQLgAgCoAwHIAwiqBMwCT9Db7IRIX6yz9ku0zpYtlQnB2HjWguICEx4GVZMxAlh1C-MriuYmkamHnMOEfJmWizZLIPH0S0cDuiuwwqhJF1juxF1frhBJQuj4WzlakSx07SIvjWwS-iqz62ig9Sg3CVEhKoVa-0i5QxygKDTv41Gdk-9jBZoXCBkdXm_RjZIMjtrc0vzpZEGpQUzUzgUUEb4roU7kguS1tlbsmm2w1bja3pN-Ex-OAmXFIyWlMr9-AvTK2CNyAYCZTqcFn844v-LAdt2kap6p_ntz9EAGUA_7joNnkM3SACppnFXdZrm6aPSFKesDYJDKMEvmXeC6xqjwEsU6ueYsPcQ4GXibO3kfZhn2YQXnsyPrwmc08VvEVqIucdvDU4dhaBpR33D5HfVBqQdUhQzBsojbQBYq1h3jgrC3PxR219pwvW-4vRwrFeC58-VCunj3pLfABKit_LTbA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe82I-UAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQxbIO0ggHCIhhEAEYH4AKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi03Nzg0MDM0MDYxMjUzMDIwGNHDEQ&sigh=LnIqyHRGP7E
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

osd.js
www.googletagservices.com/activeview/js/current/
0
0

m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=SSzCCc9zWLpAAAZp0024&pi=mgid&tc=1
43 B
585 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=SSzCCc9zWLpAAAZp0024&pi=mgid&tc=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
1e446f17-9d7f-4422-8f2f-e3adfae005d8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
696dc1350f77beab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=SSzCCc9zWLpAAAZp0024&pi=mgid&tc=1
pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT, Thu, 30 Sep 2021 13:21:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5023935537043937&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&gdpr=&gdpr_consent=&us_privacy=
43 B
600 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c0e5f7ab-3c0b-498d-a90b-30e3c94c43e4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
696dc1355f8abeab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 30 Sep 2021 13:21:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/
0
412 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l8utYhj3TEl6
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
696dc1349b0b05ed-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
/
cm.lentainform.com/setmuidn/
0
495 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l8utYhj3TEl6
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
696dc1349c3ec2e5-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8utYhj3TEl6
  • https://pixel.advertising.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=
  • https://pixel.advertising.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&apid=UP52eef6f6-21f1-11ec-94a3-0662f291b022
0
1 KB
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&apid=UP52eef6f6-21f1-11ec-94a3-0662f291b022
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 13:21:30 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55859/sync?uid=a7f8a09b-5362-4b3a-a020-813a3e5c17a1&_origin=1&gdpr=&gdpr_consent=&apid=UP52eef6f6-21f1-11ec-94a3-0662f291b022
date
Thu, 30 Sep 2021 13:21:30 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDh1dFloajNURWw2&muidn=l8utYhj3TEl6
  • https://cm.mgid.com/google?muidn=l8utYhj3TEl6&google_ula={guid},5&google_gid=CAESEBdUW3WLWOYIj3g8PgB9zNs&google_cver=1
0
376 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=l8utYhj3TEl6&google_ula={guid},5&google_gid=CAESEBdUW3WLWOYIj3g8PgB9zNs&google_cver=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
696dc134af4cbeab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l8utYhj3TEl6&google_ula={guid},5&google_gid=CAESEBdUW3WLWOYIj3g8PgB9zNs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/
0
0

m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=bae09a2c-caaf-412a-aa09-7bfd359f3189&ttl=1635600090
43 B
585 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=bae09a2c-caaf-412a-aa09-7bfd359f3189&ttl=1635600090
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
7c32e20f-3c8b-484c-ba5d-5bfc200c27dd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
696dc134af52beab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=bae09a2c-caaf-412a-aa09-7bfd359f3189&ttl=1635600090
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
864670b09de1de340504ff6d40c9db9636e9deb98128172af8e9da9ac724ba27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Sep 2021 13:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8437
x-xss-protection
0
e.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/e.gif?f=triggerWrapper.js&l=905&c=9&a=547785&s=(_vwo_s().f_e(_vwo_s().dt()%2C%20%27mobile%27))&e=EvalError%3A%20Refused%20to%20evaluate%20a%20string%20as%20JavaScript%20because%20%27unsafe-eval%27%20is%20not%20an%20allowed%20source%20of%20script%20in%20the%20following%20Content%20Security%20Policy%20directive%3A%20%22script-src%20https%3A%2F%2Fcdn.ampproject.org%2F%22.%0A%0A%20%20%20%20at%20Hn%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2Fweb%2FdjIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ%3D%3D%2Ftag-7be7a6e9e4d40978c46d49b3878028b5.js%3A22%3A45767)%0A%20%20%20%20at%20Object.on%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2Fweb%2FdjIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ%3D%3D%2Ftag-7be7a6e9e4d40978c46d49b3878028b5.js%3A22%3A45976)%0A%20%20%20%20at%20Object.eligible%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2Fweb%2FdjIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ%3D%3D%2Ftag-7be7a6e9e4d40978c46d49b3878028b5.js%3A22%3A121218)%0A%20%20%20%20at%20https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2Fweb%2FdjIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ%3D%3D%2Ftag-7be7a6e9e4d40978c46d49b3878028b5.js%3A22%3A135322%0A%20%20%20%20at%20Object.processExperiments%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2Fweb%2FdjIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ%3D%3D%2Ftag-7be7a6e9e4d40978c46d49b3878028b5.js%3A22%3A137330)%0A%20%20%20%20at%20Object.topInitialize%20(https%3A%2F%2Fdev.visualwebsiteoptimizer.com%2F&vn=7.0.161&vns=undefined&vno=4.0.94&_cu=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-2&eTime=1633008089382&random=0.8505931095391004
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:30 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
0
0

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Thu, 30 Sep 2021 13:21:30 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
settings.js
dev.visualwebsiteoptimizer.com/
0
0

beacon.js
sb.scorecardresearch.com/
0
0

3000513-1759235-240-180-0000.ts
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
94 KB
94 KB
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-240-180-0000.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ca5891200e69e691b2853636807f87fc254da6c8badc2f954a71c9b13cf2edc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:32 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
96068
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"d7b4ab97cbe927aaef0ac0cde0da6627"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Agr0qvIswhd0NrQt1rkL6RHSviz9AaPNnwXVLHyWWjU1pVPAj5PzPg==
45d4c9ec-fc7e-4197-a03a-61175a7a9c1c
https://tekno.kompas.com/
63 KB
0
Other
General
Full URL
blob:https://tekno.kompas.com/45d4c9ec-fc7e-4197-a03a-61175a7a9c1c
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJF5YxxOmKkuvZ5mxSe2lgrMK2QKYYP5TKOd4WyrGxS6i_XiBQy-AvqIop1uZFvAxoWcQ3LkHHROAMh-89SKOMCm-02xtJilsskgwgr4xua7eUmCY&sai=AMfl-YRjs20ICu0jonlIuMKiXCecQm-yBledd1dLsOwtkRinxlCGYfc10jD28jdGvVo2-aKpypxsHN6J0P3bSJvH3wvElFKpfTxefzWNUD2c1WuvyuFLTn_AdxeZgqn3jBDd&sig=Cg0ArKJSzG3JqGKXOVYPEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=100&tls=1100&g=100&h=100&tt=1100&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1577573204
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3000513-1759235-240-180-0001.ts
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
101 KB
102 KB
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-240-180-0001.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
855ccfc1793e8397727371ff1953c90b521613c02fa0cf3ec8dfd15ab83ba0d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:33 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
103588
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"73d8796c4ca1d8eeb353f3b7f58bb4ac"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
KcKKFq5Zt-S--HBlIuGHrFnLxvFDx8CpYGL8VoGsLr_NGtwTzvs2sQ==
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg3QTY2MUUtOUQ5Qy00RTg5LTk0RjUtNzA4RTNCRjExMEQ3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
159 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 30 Sep 2021 13:21:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:364
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=390556a8-c23c-41d2-9eb3-2529543af35e&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAvtELBjEaRVbipoZP8dvRU&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAvtELBjEaRVbipoZP8dvRU&google_cver=1
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:32 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAvtELBjEaRVbipoZP8dvRU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: tekno.kompas.com
URL: https://tekno.kompas.com/read/2021/09/30/14030047/malware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Sep 2021 13:21:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 30 Sep 2021 13:21:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
3000513-1759235-240-180-0002.ts
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
95 KB
96 KB
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-240-180-0002.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0b980f564b41cb30ee3aed22d0c338915cf70b53c52254421be6729d7dde0a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:34 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
97572
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"b9a53d74dc2ae889022172b7e1c05a7f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
_nGUObmC0o_gLXLprF0ycQBheh5OIjMfGTQCGF3Fi_KvqJXa-0-QXA==
userSync.js
ads.pubmatic.com/AdServer/js/
0
0

userconnect.js
js.adscale.de/
0
0

3000513-1759235-240-180-0003.ts
3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/
33 KB
0
XHR
General
Full URL
https://3000451-kompas-com.cf.ivideosmart.com/3000513/1759235/3000513-1759235-240-180-0003.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-32.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tekno.kompas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:21:35 GMT
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
88172
last-modified
Mon, 30 Aug 2021 06:14:38 GMT
server
AmazonS3
etag
"4dd7e963567ca0f21b803eeb5e8c3e12"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp2t
access-control-allow-origin
https://tekno.kompas.com
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
vqDQrzO6jPh0f8WB9zvaKZto_UWMFoL42y0JTfdU91pEYfEvfzHi6A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.



548 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


120 Cookies


14 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://match.prod.bidr.io/cookie-sync/unr?siteId=218003&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913(Line 10)
Message:
Refused to load the script 'https://www.googletagservices.com/activeview/js/current/osd.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cm.mgid.com/
Message:
Refused to frame 'https://secure-assets.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cm.mgid.com/
Message:
Refused to frame 'https://s.adtelligent.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062913(Line 5)
Message:
Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7be7a6e9e4d40978c46d49b3878028b5.js(Line 21)
Message:
Refused to load the script 'https://dev.visualwebsiteoptimizer.com/settings.js?a=547785&settings_type=2&vn=7.0&r=0.6835543334640282&u=https%3A%2F%2Ftekno.kompas.com%2Fread%2F2021%2F09%2F30%2F14030047%2Fmalware-penyedot-pulsa-bersembunyi-di-lebih-dari-200-aplikasi-android&exc=1|2|34|35|36' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://jsc.mgid.com/k/o/kompas.com.984609.es6.js
Message:
Refused to load the script 'https://sb.scorecardresearch.com/beacon.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop(Line 1)
Message:
Refused to load the script 'https://ads.pubmatic.com/AdServer/js/userSync.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://delivery.r2b2.io/hb/kompasGramedia/kompas.com_desktop(Line 1)
Message:
Refused to load the script 'https://js.adscale.de/userconnect.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://delivery.r2b2.io/
Message:
Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://delivery.r2b2.io/
Message:
Refused to frame 'https://ads.betweendigital.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
