mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:16d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.bicolink.net/ahS7K
Effective URL:
https://mbantul.my.id/
Submission: On July 08 via manual (July 8th 2023, 1:05:44 pm UTC) — Scanned from DE

Summary HTTP 159 Redirects Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 31 domains to perform 159 HTTP transactions. The main IP is 2606:4700:20::681a:16d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 717466.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.

This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:21b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:4780:3:c... 2a02:4780:3:c141::17	47583 (AS-HOSTINGER) (AS-HOSTINGER)
30	2606:4700:20:... 2606:4700:20::681a:16d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	18.66.97.3 18.66.97.3	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2406:da12:fbe... 2406:da12:fbe:4200:8604:c7bd:e790:fec2	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:8600:a:e047:753:be1	() ()
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.52.46.51 52.52.46.51	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3 9	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	107.6.90.94 107.6.90.94	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	35.161.135.248 35.161.135.248	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	104.36.113.112 104.36.113.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
12	192.229.163.26 192.229.163.26	15133 (EDGECAST) (EDGECAST)
2	72.251.234.22 72.251.234.22	() ()
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
159	40

1 2606:4700:20::681a:21b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.bicolink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:3:c141::17 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

link.deimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::681a:16d (United States)

ASN13335 (CLOUDFLARENET, US)

mbantul.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-3.fra56.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da12:fbe:4200:8604:c7bd:e790:fec2 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8600:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.46.51 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-46-51.us-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.6.90.94 (Santa Clara, United States)

ASN32475 (SINGLEHOP-LLC, US)

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.161.135.248 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-135-248.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.112 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.163.26 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.234.22 (None, )

ASN- ()

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com	174 KB
30	mbantul.my.id mbantul.my.id — Cisco Umbrella Rank: 717466	1014 KB
19	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 ad.doubleclick.net — Cisco Umbrella Rank: 184	323 KB
16	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6778 cdn.revjet.com — Cisco Umbrella Rank: 7024 pix.revjet.com	1 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com	718 KB
9	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	33 KB
8	adop.cc compass.adop.cc — Cisco Umbrella Rank: 59688 data.adop.cc — Cisco Umbrella Rank: 64884	11 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	3 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	25 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388	670 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 812	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	82 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 922	45 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	717 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	542 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	deimoney.com 1 redirects link.deimoney.com — Cisco Umbrella Rank: 837136	481 B
1	bicolink.net 1 redirects link.bicolink.net — Cisco Umbrella Rank: 817490	430 B
159	31

	Domain	Requested by
30	mbantul.my.id	mbantul.my.id
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mbantul.my.id 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	tpc.googlesyndication.com	mbantul.my.id cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	cdn.revjet.com	ads.revjet.com srcdoc
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	www.google.com	mbantul.my.id www.gstatic.com www.google.com tpc.googlesyndication.com 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	compass.adop.cc securepubads.g.doubleclick.net mbantul.my.id www.googletagservices.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	compass.adop.cc	mbantul.my.id compass.adop.cc
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.jsdelivr.net	compass.adop.cc securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	data.adop.cc	mbantul.my.id
2	ad.doubleclick.net	1 redirects srcdoc
2	pix.revjet.com	srcdoc
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	ads.revjet.com	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com ads.revjet.com
2	googleads.g.doubleclick.net	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	compass.adop.cc 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects mbantul.my.id
2	adservice.google.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	mbantul.my.id securepubads.g.doubleclick.net
1	ssbsync.smartadserver.com	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
1	tr.blismedia.com	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
1	match.adsrvr.org	7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	mbantul.my.id
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	link.deimoney.com	1 redirects
1	link.bicolink.net	1 redirects
159	46

This site contains no links.

Subject Issuer	Validity	Valid
mbantul.my.id GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
adop.cc Amazon RSA 2048 M01	`2023-02-28` - `2023-10-29`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://mbantul.my.id/
Frame ID: D6C75598836053594BFCB6A47041B62A
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=580hw5y3rckl
Frame ID: F46AC79C09BDE9F4DCA94235FBFF348D
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: E45CC1A42AF9BEA15C2D734893954BC4
Requests: 4 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: 152D03BF1175928F3FFB06E06CAAD5A1
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f
Frame ID: 9CEDC398A266EF468AEF72C0E2DA607F
Requests: 3 HTTP requests in this frame

Frame: https://f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 92DF0DA1A1B5A52C4C237B11383431C8
Requests: 1 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: 877874845B82DA884F8D49542A826D28
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: 6EB003936E50B9099E7DDE89C901A436
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CC7BB6BBBCE217D742D330DAABF47FAF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 887822EF98947D686494CBE01C99A42F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72958048C80327B2782165EDDB16F3F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27C31AEF7C4FFF81B9DAAFD8D28DD1D0
Requests: 2 HTTP requests in this frame

Frame: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: B4C3F55F475088C4B757B9D1D895F4A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F5DE59777002D743FC13BD250AF0515
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 046954C2CF6EBC502DB2889571E4237A
Requests: 2 HTTP requests in this frame

Frame: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 3089A35191FC0858050233DD2A2D288E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNTB3d4BMAE&v=APEucNUkLvUHu7LZE1bpS1fGOHvVSsuC_D85OGvAUPQ-omMcK_7pEI1Zx2CSZnznSrMWKVYlRGy4Y5LByGiO7i220ZQS9r-ZePXk3W-DtUl5tyoK-rczcco5AwwV_4jelJNRVtqpE45I5rwHCL6RkqFGY8qmTCXaXONU0BubnLm-aAdhUlcnaKM
Frame ID: BB652E94A61C56A2A9734A6453935BD3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE0D9751EF109E38115A5CA7FD0089A2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7F78AEE8F772DF53C0F19B27D2C5E43
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
Frame ID: D819B3CBBF84A2442007B51E11AC2168
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 62878B2D905E10628388067D38108716
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

https://link.bicolink.net/ahS7K HTTP 301
https://link.deimoney.com/ahS7K HTTP 302
https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA... Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

159
Requests

93 %
HTTPS

47 %
IPv6

31
Domains

46
Subdomains

40
IPs

7
Countries

3667 kB
Transfer

6844 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.bicolink.net/ahS7K HTTP 301
https://link.deimoney.com/ahS7K HTTP 302
https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0= Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.bicolink.net/ahS7K HTTP 301
https://link.deimoney.com/ahS7K HTTP 302
https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=

Request Chain 67

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

Request Chain 74

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_Fed1HxwMkNaVFBVcHdqZkZIU3NxYU9mYTc3d3U1aG9PZjllTC9LR2tFWjBDUFl3YXJ6R3FXMlZ1Y0FiTy85RDJvWDF1eXIwSHpzMC84a2o3TVlLNUU2TGdGRjlFczVRQjg1aWNrNlBxeFVqM1lHS2djdTJQOGdHbU9tdk5uVGxjTGZhZXNzT0xFVjRabjFobXM1WE9SUWZleGdOaVRhaGhwMXIrb3VVTnN5Z0p5UnRnd2R3SG9PcGJSaFdRaGUvSHJFay9hSEx0YmVlcUF3OFhEcFdXUnpadURSYlF1cWg3OXBOVTArWTJXSlJDTVlHTDlPR3Z2c01qbnJ1U0lEbjBZMFduMlRDODg0WFBKUC8yTkkwSm9ldmIzUT09fA&cppv=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKlfJbk-iLKH2F5nVLb4RgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBKkj0Hj35RP9cr-_A3W-zw&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEwNDE5ODYwNTAyNjEwMTY0

Request Chain 134

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNRZe18s6OdiwH-o3LS4pmhwk0rp9tbOwQlKX4gTf3n4bNNDeCOqxg8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNRZe18s6OdiwH-o3LS4pmhwk0rp9tbOwQlKX4gTf3n4bNNDeCOqxg8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekQxSFVucmgxUWk3RDc1&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNRZe18s6OdiwH-o3LS4pmhwk0rp9tbOwQlKX4gTf3n4bNNDeCOqxg8

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIh2fFnxUiNbB5aUOOeU4Jg&google_cver=1&google_push=AaAOQGGg3xkHm_02ASwf4AGQwvOP9-PshV4OZFG-zCfoWx_kgFuGU6PyPPFD5HIyb62Rg-Vlc1-1BW7_-jixaDfM4MW6OQeFn4o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIh2fFnxUiNbB5aUOOeU4Jg&google_push=AaAOQGGg3xkHm_02ASwf4AGQwvOP9-PshV4OZFG-zCfoWx_kgFuGU6PyPPFD5HIyb62Rg-Vlc1-1BW7_-jixaDfM4MW6OQeFn4o

Request Chain 136

https://um.simpli.fi/gp_match?google_gid=CAESEAJJ2K9wOwr_SwkwK9Q1qDo&google_cver=1&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOkE3tZAhgRpPEU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C36945FD60ED4BCC85DF5D4CC76E34CC&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOkE3tZAhgRpPEU

Request Chain 139

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM8IxHpXcjL_LAogc74IiRs&google_cver=1&google_push=AaAOQGFF0HYwVJKLS_XT-sIqpX--V-qBTTtKpJFL3qxwd_nITPPlxXuKFb6aPfn6UbBwdLQJXlsGW7GmvXPzpyiHVkpH_rvJen0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM8IxHpXcjL_LAogc74IiRs&google_cver=1&google_push=AaAOQGFF0HYwVJKLS_XT-sIqpX--V-qBTTtKpJFL3qxwd_nITPPlxXuKFb6aPfn6UbBwdLQJXlsGW7GmvXPzpyiHVkpH_rvJen0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=X8-6HZ6SQBq7djVNSswteg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFF0HYwVJKLS_XT-sIqpX--V-qBTTtKpJFL3qxwd_nITPPlxXuKFb6aPfn6UbBwdLQJXlsGW7GmvXPzpyiHVkpH_rvJen0

Request Chain 156

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688821542436 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_pre=CMX3lMGW__8CFabtuwgdjfYOTA;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688821542436

159 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
mbantul.my.id/
Redirect Chain

https://link.bicolink.net/ahS7K
https://link.deimoney.com/ahS7K
https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=

551 B
829 B

600ms
561ms

Document
text/html

2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7e388a31184218d3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 13:05:38 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ms4ExTUDRwt1zKLZ%2Birwlv6%2Bhh%2BvSRBYxRKnZ4aB8dXPWuasGc9vWar43dgAPWC4jgBw9X8NY3tJ7zdis7jPi%2B%2FjzqCCoAu9PAeDIV0Ym7zApxypTVdvIqcuHYGbAhbUyoZUNe967awe8MA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 13:05:37 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

POST
H2 200 /
mbantul.my.id/ 1 KB
1 KB 222ms
222ms Document
text/html 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7e388a34cceb18d3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 13:05:38 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVUVJc%2BvxlJoEji80i31QAYbjhY1bf6IJbY%2FmByWAemNLrFOu2uWLtcwQ517iXB736HETUeDyxYTWPpPqOdnS22x3xvDe4EcQ0tDO06DqaP%2FAP5sYAyJf8vzH69JTYrTh8zJUSIqtm0WGJ0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
mbantul.my.id/ 135 KB
39 KB 382ms
381ms Document
text/html 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ef95be91d86f9966514318f916f538a6a1673c935957d1c6d15615771fba2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7e388a364ebb18d3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 13:05:38 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIfLcUkDEfFtIPN8GmRSsqDNhMx71849kj1KW0p4tQM8JzHKFqsAHSKF3caWNKsTBmZzh5QpSdqqy%2BtMBK0YEb3rlpAfXsL4VJW7sYosKBKwOdU4226xVf41ZkwQFZXVZzJdqTBZfuC8u7Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581652
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 22:52:38 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73yOUR9gAyb4JSl%2FtImLaID46mNYG4d0ErZeGcEyqCAhRSOY7Zbf2s9eSOTmTKB1QXzxCiaspFobyiztH5yNAGiDtoG5BWFrHVcZjezCLlWOQaT1VySzfBgCKIs3GkENj0%2B1rGzjCMM5NU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa218d3-FRA
expires: Sat, 08 Jul 2023 19:31:26 GMT

GET
H2 200 classic-themes.min.css
mbantul.my.id/wp-includes/css/ 291 B
560 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585645
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Feb 2023 19:20:20 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gs5BfU30y6e%2BBD%2FgBM2GDc8hUjdrHdf79Wo6QMsjyT1WEuR5OFMhcq4X3L34u2ejM7l117FYBDVhZnnJuONH0ZkVJHPc2wdD4Z7D9SLBzlIXgF3yfRHnSmRrG3s8UWQSoXSdMURxi0Pxvbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa418d3-FRA
expires: Sat, 08 Jul 2023 18:24:53 GMT

GET
H2 200 style.css
mbantul.my.id/wp-content/themes/gridmax/ 88 KB
14 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/style.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103265
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rd%2BDdfG0A3QYNbAYBZVUN7YR1wCrAvb374OJpve9lW8DXX%2BmUoN%2BBJC0yIR%2FgWa11pL3c3LmMx8b7Nx4XHmHf0tzTmBp6dqpihazc7mNxcXVh6T3qtcOdG7AHl3dvEsJD6aV7Vbcs2AEB9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa518d3-FRA
expires: Fri, 14 Jul 2023 08:24:33 GMT

GET
H2 200 all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/ 56 KB
13 KB 23ms
21ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbSEDe2eYK7Kyw2sJ7UQoarLas8v20zD4lf5Nd%2BVtBhjQ6a00ZxK9OtVTSrwr9FuSQyL7xHory7DDzI4YmWBBAu6FXyhcHClGGfBE0rvgxxea2FHR74RzcQ3AVyYgA%2FJVF71XWVbEsmmBpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa618d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 13:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 13:05:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 13:05:38 GMT

GET
H2 200 jquery.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 88 KB
32 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277620
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Mar 2023 17:07:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWCM0TxgFs6D4KXK8mhNluy%2BFo9bg5egrgzLTLOUT%2FOEj3eo8VkEm0v7K7GVdsw4phg0QrzJGJD4Fjv5X%2FHILGCFSAL%2FbtgBs857LIO3MudnV78dqnGJ8gLfT9B%2FVno84aepWSuV6CKDBBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa718d3-FRA
expires: Wed, 12 Jul 2023 07:58:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 13 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 19:29:16 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vi6tLKYkt9uXAXq1P20ZtE6aMTi2uyzjnBUHYxQqZWid8kpMmUJTmPThA3OHWDbCrmzqZu3QOCL9VHaoH71KT8ED018OUoxR2y4TbZTcXgzNhVNFIdIqhRZ2cF4r89yDbXQce7VMn7CebPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a393aa918d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/ 2 KB
3 KB 20ms
19ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:36:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2Sfv6q3zPJnMBewSSijWklbkeK5Jz3gBicccV3kKXCYb%2F2PHtlueiPRtLSld4qGNrvrXj7vbr3t8A45KHqz7RAYw5Bo6dGlS%2F9JpjU%2FFC%2FpCpwv%2B32O9hkAgoPoB06bhDRQmkfKUNnX%2FgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a399b0a18d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ 3 KB
2 KB 60ms
9ms Script
application/javascript 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 34
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: 54jqu3ERLmqrCqO3HkaIAKuOC_wdrWVhwSNHjDds1SOkJTb_VfvCBA==
expires: Sat, 08 Jul 2023 13:15:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 42ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Sat, 08 Jul 2023 13:05:38 GMT

GET
H2 200 output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 9 KB
10 KB 17ms
16ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312698
x-powered-by: Niagahoster
content-length: 9505
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clMSoCJnUSeKy1gqXLnW6EbXi3QqeS1jiKIB21Y35hk9ZMUvzlxvo3v0ZDnrZe3wnRiAhmAHhzOnwEQacatb1lhn1r7GV6kznpQ%2B%2FfQQJtGuZZvL7k5LKUVjkOBJ2LoguzwD%2FI4DU1EKrsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a399b0c18d3-FRA
expires: Tue, 11 Jul 2023 22:14:00 GMT

GET
H2 200 htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 73 KB
73 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 319567
x-powered-by: Niagahoster
content-length: 74563
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:47 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRpl29y1azSV%2FYI0ltrXTh9K31F3X7YJr4LEPhSD1VyA0lM224dKN%2BSnyQ4jvF52tjLDywA%2BRfi5DBu4mXVs8rPWhojmgiiPrMmJllIlFMggQ1G46EmVl9vdCjFNqgfLRBvTI%2FBFnPAKlJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a399b0e18d3-FRA
expires: Tue, 11 Jul 2023 20:19:31 GMT

GET
H2 200 ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/ 14 KB
14 KB 20ms
19ms Image
image/gif 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-length: 14474
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXeOeSlsuwfQs9bqKp7caHAjD59HTe6PmpZLlanrZ6bZuortvkV5p5zEtk04NvjFeaJU3ij%2BBOsLzgmLsPJRlU4PPqn2XAZpXX9Gij%2Fgjdu1n6js1GMPtvvGLsL3ojO8Tg53OvA8ooDRSzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a399b1018d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 10 KB
10 KB 22ms
21ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-length: 9923
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:27 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJjuRchKGL%2FWYFoz50FpI6vD3nJajiZ34v8lhELXGk7UvgwlXKHuNzC7THZJyvjb7MIIN3%2FgyshQoUre0Y1Avocjkyi4MHfNurCufDaLAydBVJv4bpf7wNSk9iRD7DNvF6%2FWBF30MJzNC0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a399b1218d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 jquery.fitvids.min.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 2 KB
996 B 16ms
16ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spaKdE3WQF0KxcjaQFlj6MaZVHZcYb%2Bbq0OWPzBa8jNu9CMUQ4%2FGugu5AxHhYuu7CDqJobWW1edrkbpjBIRZOWTebPdI6bpltWqYhIAanxK0ft51eV%2FQLFnDudk5nqgo8dm4G4bfj2JGVOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a398aec18d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 navigation.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 9 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VKE02dBoYVDdEAn1HQxtWF4mPtHEW7hK2Vmb7LmWuoa2ZVOfoDR6clX0xG1z0m%2FU%2FwzwAcrdFY3GaauBp%2BDzQE8fC96CSk5fYbrrJeEWDpDGrNtznuqFtRYXJekDPoRyvWbqWGW47y8%2FEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a399b0518d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 834 B
666 B 23ms
22ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2OVYGbBzdan6FCxVKJZYnG%2FTNRLOzMvcSZrJHZ45AV0Z1H4fyS5Rm7ANug%2BuY%2FbjJjWXagypOFUvQuVzeaIribtm3TC%2Bv6Ea1ox8zKp1%2Fz8SwA1eyD9D4KgOwih2s6JcKX%2FRqua5VSFlL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a399b0718d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 custom.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 6 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq7MZ0hjVwyiBaJyiolgjDO6lu2uso6UncWFKvfpgIzlAdEvrp2a7dVk%2F9R2fPdeB%2Bsk%2BYy%2BAZSSWB5IK2R28XJuBSaXvYiituZd96BFvncwjdm8zvoL8bcMSYdCcLBNJOhOzCg%2Fk9LjXN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a399b0818d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 html5shiv.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 10 KB
3 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519382
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqU%2FSfutxqg025XTLJNEynok6CoSQdHfJdfWMw1PeU2vv2i%2FxHg%2FEiRyXwShrA980ExVNhzdz5SBXR74po07GvsH4c3ll0cIBC1ArJ0g4d16bdASjDZCVIa30GQRqOGIR1Jp%2Bv9eJtNWIrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a399b0918d3-FRA
expires: Sun, 09 Jul 2023 12:49:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mbantul.my.id/wp-includes/js/ 18 KB
5 KB 23ms
23ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564876
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 23:23:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B8%2FVCY1d%2FrkhYgBAOW1D7B%2FOXrqkmYSMWT4v7jgNE1tjjPoYsp9AZpW8%2Bgfcets%2BV57tNyHqZSZdXcHsfFWo0RpLr9DAf4EvsXfhEVSbB6h3Q0ESVWmX9waM2%2Fy3Rz9PasLdFLY1vck9Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e388a399b1418d3-FRA
expires: Sun, 09 Jul 2023 00:11:02 GMT

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 20:11:31 GMT
x-content-type-options: nosniff
age: 579247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 20:11:31 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 47ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:20:43 GMT
x-content-type-options: nosniff
age: 589495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:20:43 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v12/ 24 KB
24 KB 42ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:57:39 GMT
x-content-type-options: nosniff
age: 36479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24520
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 02:57:39 GMT

GET
H2 200 fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/ 74 KB
74 KB 16ms
15ms Font
font/woff2 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509925
x-powered-by: Niagahoster
content-length: 75728
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmFi844KkJe82SeRLTerlwi43CmnbcJPGtNbmqU6X3hDG0WMnJpiEri%2B1G40l4ziqxXlh369XZrZEVgP4cQOi4hsHNbbl1pD%2FBQ8US4WCoLKIl1%2FJmUu0P738fZwrtFFlrJk2T3C0NKz0PE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39eb8f18d3-FRA
expires: Sun, 09 Jul 2023 15:26:53 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 13:32:30 GMT
x-content-type-options: nosniff
age: 84788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 13:32:30 GMT

GET
H2 200 htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 84 KB
85 KB 14ms
14ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288707
x-powered-by: Niagahoster
content-length: 86224
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K5GzFarvdyiRcPHmN1iV%2BAo%2FWWsMnCfUvHw%2FVGpTzvhAdlPCT33%2BSqnRIhtI7Gt7%2BiH18H%2FxQpo4NwAputM%2FysMNdeeoLSSdCVsY%2B8ZPjqaYFNdXvOCDQ%2Bb5qqfX8ow5hRYaJkBY15Jz4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fb9d18d3-FRA
expires: Wed, 12 Jul 2023 04:53:51 GMT

GET
H2 200 htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/ 107 KB
108 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321637
x-powered-by: Niagahoster
content-length: 109683
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIF9BIUQeHPb6HJspDKFjBJMhxiwla36id8Ykp88rG5QE5sCds7PwUoH5LlILY6Th4GRpaJ1r8xAvIwrExlpbN9EWNkmKnENzNSMYRALu6a7mcz1tXzFbslmyvswrjZMC9OQN91%2Bvv2VbYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba018d3-FRA
expires: Tue, 11 Jul 2023 19:45:01 GMT

GET
H2 200 htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/ 87 KB
87 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98936
x-powered-by: Niagahoster
content-length: 88613
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o3jRYme%2Bj5CwmzZFrWd64yLddqCeODK%2BEoadkdkdhy9pz4W9MOtZZS1PQ93EjtkU3eBC0N0DbukakfIQ0aNTVCRUDKsKsFb3R%2BkHIPEu3WXDBxWXmv%2Fui20BV8K0L93LJH4uAC8Uw%2FlUO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba218d3-FRA
expires: Fri, 14 Jul 2023 09:36:42 GMT

GET
H2 200 htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321637
x-powered-by: Niagahoster
content-length: 83210
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsjShAIUNz7AuBG5sJBrg6UEm7sS6VW05xqwLOXtNQ8LaGG5km%2FLLg5yCQIVXH7ccFzGmGEf1243A1c2KS1tGPGGsfLUMKCxVDY5FmtJXxcxLFQI8PMapctt7r%2Bxcguk9cyrstZstRPYhnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba418d3-FRA
expires: Tue, 11 Jul 2023 19:45:01 GMT

GET
H2 200 htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 62 KB
63 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 273972
x-powered-by: Niagahoster
content-length: 63746
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRS%2BqvX%2Fe6BFTD%2F44jNhzWArbtiJjVsi3c3qmM40wJthAZSG0bMHardZ1fpN5mDI2xt7mvdK8sDROpCjlMQO1guXx4VA41GhEn6LYIDH8vJHWXYWrKGHOnYUQvpphNRL59dPHq8F%2Bm9l1Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba618d3-FRA
expires: Wed, 12 Jul 2023 08:59:26 GMT

GET
H2 200 htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 78 KB
78 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300571
x-powered-by: Niagahoster
content-length: 79469
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhjiY1HrAi2wSf5FhW2fClk0vG5DmIrS8QOB%2FtiBz5%2BIG3x3jt0vPhfHzM58pscIUetWWvQPFe0kXhuzhUF6CvK%2Bw3caoby8GnBVO4EiIwrX1hhgHzGMAcKDexU09xoAo1C70rpl%2FheGH3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba718d3-FRA
expires: Wed, 12 Jul 2023 01:36:07 GMT

GET
H2 200 pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/ 34 KB
34 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421399
x-powered-by: Niagahoster
content-length: 34306
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:55:01 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKG%2B0Qo%2B%2BZekEGtmYFbGkM9yn3X%2F6b1Rs1vDPPhHDmZtRWSmBG2UHooIPfC08JIqcVbNRmFwVGwgobcaeE%2FOYFKufICnKafoPqVBZzX7zeAGKcC2nSYhCBEM9vo%2BlWfo0OPhSgAKWMBPWw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba818d3-FRA
expires: Mon, 10 Jul 2023 16:02:19 GMT

GET
H2 200 htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261341
x-powered-by: Niagahoster
content-length: 83351
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoeQ03Ws29dDV8It1si64jlJZElKEO%2Fv7D1lN4gqYWN8iAe3Z10mH0Wzr6Qyg%2B3VuOoARQ%2FRI9BiiLitoSQbLCZmpZwmq2rMxzHCFtTfR9png%2BCphhNEn0ioZ2sf5aM%2FV6SDW1zgmAnv9Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fba918d3-FRA
expires: Wed, 12 Jul 2023 12:29:57 GMT

GET
H2 200 htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 80 KB
80 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 273971
x-powered-by: Niagahoster
content-length: 81955
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVUKf12MTx2KD%2F921VezeYz5WBYjOnG6RA1OUl7X9KVn0e2tCQUvCfaIVvxb7pt4R9Q2ID%2FF5xGTFdJRk5kgP7kLNkqp%2BuKeIHj87x9o30%2Boi3vz8VS9%2FhSxJDlM%2BVArEcQge1368%2FoykOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e388a39fbaa18d3-FRA
expires: Wed, 12 Jul 2023 08:59:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 22:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 22:44:46 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F46A 52 KB
29 KB 31ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=580hw5y3rckl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4243d4cac056c22addd90b984dfbb64f673c5b7a21ec6f962317785465f34734

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2bnNVRmpkGjhZ9Xq1dYXEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28933
content-security-policy: script-src 'report-sample' 'nonce-2bnNVRmpkGjhZ9Xq1dYXEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame F46A 55 KB
24 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=580hw5y3rckl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 13:07:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame F46A 431 KB
173 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 22:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 22:44:46 GMT

GET
H2 200 8e606d93-713b-41ab-8a38-28505529c9a1 Show response
compass.adop.cc/RE/ Frame E45C 1 KB
1 KB 249ms
249ms Script
text/html 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: c839215cc800cb891638b3eae0ac3d4aac02b61759562aa8a2a78a42b911ff62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 608
x-amz-cf-id: KY4firMW0Q9kgF6ExENTWWUmivvNJd9tu7Vw4MxPw2yyrmM7VV1SGw==

GET
H2 200 ee2791d8-e821-4cfc-aae3-2e1c82f20b9d Show response
compass.adop.cc/RE/ Frame 152D 2 KB
1 KB 240ms
240ms Script
text/html 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 7488f77b5d8abc14769a44374621fa4306bbacaa4eb2a16042a4af3cbca3d680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 778
x-amz-cf-id: rMMUDIeQBcjTvbDXd_FRIi5byxDwr4RZgn0C8Her4TL0uHb8U44CLw==

GET
DATA 200
OK truncated
/ Frame F46A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F46A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F46A 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 78495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 14 Jul 2023 15:17:24 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F46A 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 43841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:54:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F46A 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=580hw5y3rckl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 08 Jul 2023 13:05:39 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9CED 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

508443b6bcb778348686389c6bd25cf7fe1c6bbf34f89f758d705a2150291dc6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a8NXoHx8ISuhqcsteqcagw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1151
content-security-policy: script-src 'report-sample' 'nonce-a8NXoHx8ISuhqcsteqcagw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 9CED 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 13:07:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 9CED 431 KB
173 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdF6eomAAAAAH8RxvecMQQyrT8N302DQ5Pus17f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 22:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 22:44:46 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 152D 18 KB
8 KB 33ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 13:05:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42096
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 152D 76 KB
26 KB 120ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b77f198376837ddf26aed4ddc2df1b49732f92fe6cc3d546f6764b6c0d5beb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26163
x-xss-protection: 0
server: cafe
etag: 272 / 19546 / 31075836 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 13:05:39 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame E45C 18 KB
8 KB 32ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 13:05:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42096
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ Frame E45C 3 KB
2 KB 7ms
7ms Script
application/javascript 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:38 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 35
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: 6-4ScRVrDNPgc_Sc9m-w0-raPavhjLSqpBWIiSYsUAFT08FI-CBHHA==
expires: Sat, 08 Jul 2023 13:15:02 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame E45C 0
140 B 759ms
245ms Image
text/html 2406:da12:fbe:4200:8604:c7bd:e790:fec2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNzA4MTMwNTM5IiwiY3RyeSI6IkRFIiwiYWNpZCI6IkRFLTIzMDcwODEzMDUzOS0xMzA3ZDBhMjNmZTQ0ZGQ4IiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiI4ZTYwNmQ5My03MTNiLTQxYWItOGEzOC0yODUwNTUyOWM5YTEiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTQuMC41NzM1LjE5OCBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjgwLjI1NS4xMC4yMDEiLCJmbG9jIjoiaHR0cHM6Ly9tYmFudHVsLm15LmlkLyIsImZwIjoiMCIsImNkdCI6IjIzMDcwODEzMDUzOSIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJNYmFudHVsJTIwJUUyJTgwJTkzJTIwVHJhdmVsJTIwV2FudGVkIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=1e7094c9-0ba4-4c30-b6a3-606687d53169&r=PtoFbre
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:8604:c7bd:e790:fec2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 collect.php
data.adop.cc/ Frame 152D 0
139 B 755ms
246ms Image
text/html 2406:da12:fbe:4200:8604:c7bd:e790:fec2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNzA4MTMwNTM5IiwiY3RyeSI6IkRFIiwiYWNpZCI6IkRFLTIzMDcwODEzMDUzOS0xMzA3ZDBhMjNmZTQ0ZGQ4IiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiJlZTI3OTFkOC1lODIxLTRjZmMtYWFlMy0yZTFjODJmMjBiOWQiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTQuMC41NzM1LjE5OCBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjgwLjI1NS4xMC4yMDEiLCJmbG9jIjoiaHR0cHM6Ly9tYmFudHVsLm15LmlkLyIsImZwIjoiMCIsImNkdCI6IjIzMDcwODEzMDUzOSIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJNYmFudHVsJTIwJUUyJTgwJTkzJTIwVHJhdmVsJTIwV2FudGVkIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=e4d06a59-b94b-4def-8805-ef825a9d3434&r=sj15s1H
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:8604:c7bd:e790:fec2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/ Frame 152D 392 KB
125 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0407c967f9b56d97e40232370eda7a905d27c980d1ddcfdf55c719bae9c3b444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8951
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127640
x-xss-protection: 0
server: cafe
etag: 3200400604667924725
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 07 Jul 2024 10:36:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 152D 107 B
456 B 41ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 152D 732 B
522 B 10ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 13:05:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6346
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame 152D 102 KB
25 KB 51ms
22ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: KQFF0FWPP4C17CP6
age: 3324
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e388a3e191437ef-FRA
x-amz-id-2: 8HczqSS59NC5+bMgvklOJToJ5CbRskupftalLHCw5wQPI4bAuQkMqhcD6kfepdHSTAjOpZlv/QM=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame 152D 1 KB
2 KB 49ms
24ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: be82e0936110b904bef0b0a532216b18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame 152D 38 KB
12 KB 36ms
7ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 36092
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0B2mOSOnzZV4Ewr-KAUcNu87lbm_vFqWbfZYNqTX5-Gd703ZvmgpQw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame 152D 2 KB
2 KB 37ms
8ms Script
text/javascript 2600:9000:2250:8600:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 08 Jul 2023 07:03:45 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 21715
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: KSQWFpr4cQcf5JGE6rGuCOxwHPXif8rtlPMtyPjJUfWRm0TUGaUsaQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame 152D 24 KB
8 KB 33ms
8ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 04:47:06 GMT
content-encoding: gzip
age: 1757913
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 04:47:06 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame 152D 42 KB
13 KB 60ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jul 2023 13:05:39 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 152D 57 KB
14 KB 367ms
367ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=316664703453236&correlator=1494718210268419&eid=31075836&output=ldjh&gdfp_req=1&vrg=202307050101&ptt=17&impl=fifs&iu_parts=223513049%2Cca-pub-5111137191506013-tag%2Cmbantul_pg_300x250_std-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3542551512&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688821539502&lmt=1688821539&dlt=1688821539056&idt=418&adxs=650&adys=2104&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=86ir0ex597mz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fmbantul.my.id%2F&ref=https%3A%2F%2Fmbantul.my.id%2F&top=https%3A%2F%2Fmbantul.my.id%2F&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&ga_vid=1112285861.1688821540&ga_sid=1688821540&ga_hid=1381667232&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpcXurJMxSABSAghkEhkKCnB1YmNpZC5vcmcYpMXurJMxSABSAghkEhcKCHJ0YmhvdXNlGKXF7qyTMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRilxe6skzFIAFICCGQSGQoKdWlkYXBpLmNvbRilxe6skzFIAFICCGQSFAoFb3BlbngYpcXurJMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRilxe6skzFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6411862ee2887391f85fee0fae9abe94db1b3c13a1ac2923cebe5514b2e30912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14257
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92DF 6 KB
3 KB 52ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:39 GMT
expires: Sun, 07 Jul 2024 13:05:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/ Frame 152D
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

85 B
202 B

119ms
118ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ce6ca0d2a539e9ccce23f126c8f44d6f532fdb2ef911d364293720a1c3da2705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-+b72LHemBNRrdprJs9wbs6uOEMA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mbantul.my.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 08 Jul 2023 13:05:39 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mbantul.my.id
location: /esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 152D 60 B
333 B 504ms
163ms XHR
application/json 52.52.46.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.46.51 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-46-51.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8fff4a9e4bdbdaddcdefd60315747dfdc9485ca3325a5bb3da5486c3b9df78d6

Request headers

Referer: https://mbantul.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache
x-server: 10.41.7.116
access-control-allow-credentials: true
content-length: 60
expires: 0

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 44ms
21ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mbantul.my.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://mbantul.my.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 08 Jul 2023 13:05:39 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: ac23dcc3815239e2a24a4e6c9f017259

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ Frame 152D 221 B
315 B 27ms
26ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 297f279516658fdb281b4f566dab3e78ea87a1af7667f4efc08c447214240b02

Request headers

Referer: https://mbantul.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 13:05:39 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 2f237927c61d0d0a3b8f37bb841beb70
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H2 200 c71ba3ac-9bc0-4f9f-8ee6-57273080b78c Show response
compass.adop.cc/RE/ Frame 8778 9 KB
4 KB 675ms
675ms Script
text/html 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=8QXlnnKBKewApbsCadfEeFlgiHnikZGU5NWtoKzhjcUpIbEVxNEJzUFhKZXhGbnA5OEZzYjhJTmhjS1hra2MyRT0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 9eec758a3dea05c2ef2973559b8a4850811fac2d7357488b02c616ce6c360f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3017
x-amz-cf-id: CC7wNzrBes2LOsro6kFkqFyGahzahLOg_OoXFCWpjFxPK1CmaE4toA==

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame 152D 0
322 B 43ms
16ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mbantul.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mbantul.my.id
date: Sat, 08 Jul 2023 13:05:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6EB0 15 KB
6 KB 51ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 277218
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6EB0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_Fed1HxwMkNaVFBVcHdqZkZIU3NxYU9mYTc3d3U1aG9PZjllTC9LR2tFWjBDUFl3YXJ6R3FXMlZ1Y0FiTy85RDJvWDF1eXIwSHpzMC84a2o3TVlLNUU2TGdGRjlFczVRQjg1aWNrNlBxeFVqM1lHS2djdTJQOGdHbU9tdk...

422 B
649 B

61ms
14ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_Fed1HxwMkNaVFBVcHdqZkZIU3NxYU9mYTc3d3U1aG9PZjllTC9LR2tFWjBDUFl3YXJ6R3FXMlZ1Y0FiTy85RDJvWDF1eXIwSHpzMC84a2o3TVlLNUU2TGdGRjlFczVRQjg1aWNrNlBxeFVqM1lHS2djdTJQOGdHbU9tdk5uVGxjTGZhZXNzT0xFVjRabjFobXM1WE9SUWZleGdOaVRhaGhwMXIrb3VVTnN5Z0p5UnRnd2R3SG9PcGJSaFdRaGUvSHJFay9hSEx0YmVlcUF3OFhEcFdXUnpadURSYlF1cWg3OXBOVTArWTJXSlJDTVlHTDlPR3Z2c01qbnJ1U0lEbjBZMFduMlRDODg0WFBKUC8yTkkwSm9ldmIzUT09fA&cppv=2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

be1cad02e422428fc3923f2a1e4d959658f2cf44ccaa8aca9ecd3399b0d71dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1465415
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_Fed1HxwMkNaVFBVcHdqZkZIU3NxYU9mYTc3d3U1aG9PZjllTC9LR2tFWjBDUFl3YXJ6R3FXMlZ1Y0FiTy85RDJvWDF1eXIwSHpzMC84a2o3TVlLNUU2TGdGRjlFczVRQjg1aWNrNlBxeFVqM1lHS2djdTJQOGdHbU9tdk5uVGxjTGZhZXNzT0xFVjRabjFobXM1WE9SUWZleGdOaVRhaGhwMXIrb3VVTnN5Z0p5UnRnd2R3SG9PcGJSaFdRaGUvSHJFay9hSEx0YmVlcUF3OFhEcFdXUnpadURSYlF1cWg3OXBOVTArWTJXSlJDTVlHTDlPR3Z2c01qbnJ1U0lEbjBZMFduMlRDODg0WFBKUC8yTkkwSm9ldmIzUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 303909
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame CC7B 0
176 B 50ms
24ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 08 Jul 2023 13:05:39 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 8878 222 KB
61 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 244488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 8878 15 KB
5 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:33 GMT
age: 247566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 8878 94 KB
28 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:57 GMT
age: 247602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:57 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 8878 5 KB
2 KB 51ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:33 GMT
age: 247566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 8878 40 KB
13 KB 52ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:57 GMT
age: 247602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8878 4 KB
751 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 13:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 12:49:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 13:05:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8878 2 KB
3 KB 52ms
13ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 51686
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Jul 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8878 295 B
664 B 48ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:43 GMT
x-content-type-options: nosniff
server: cafe
age: 8936
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Jul 2023 10:36:43 GMT

GET
DATA 200
OK truncated
/ Frame 8878 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d95f36c52f56b2d4245402fe500aa821959f0e38e10ff9df0f0143f8d04522

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8878 16 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 583636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:58:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8878 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 139772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8878 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 51686
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Jul 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8878 295 B
353 B 8ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:43 GMT
x-content-type-options: nosniff
server: cafe
age: 8936
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Jul 2023 10:36:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8878 0
0 50ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2DnwI1-pZMnTIZv8x_AP16KImAnA9ZS9cYba08WFEaGPjfqTDhABIJm1iUNglYKAgKwHoAGysLibA8gBBqkCtmvPTG1msj7gAgCoAwHIAwqqBP0BT9CfNbddz1uLEaRsCcKSEdat3J6m-veSkEBsZ5hJXVMMdzxwQr2v7a-lzvNHCKytvPA5woSixwcLnWAj8sSDW1iKixK3JCd7LgDxq3uRleRznmRJYF8WwSv-wVlNHXb7C4q93crUZSDXqrEKHArjMYKyFvEHf-yUNCZSxviy624gut4yUJpXRd4SUc_xXlFvJQ3VDu-df9sZmxQ2fGopL8oj5kWzY2GsG3KkInv-1zukHXoZl9YeyR0WekyNMPDKOd1Df3Wy36OaqFpQLxM8EtkOXtjDOb7oXweztiBzftn8xqIUtlQtnXBISXC3NxuxDI45onjpwQPylP0x1cAE7MmWs6UE4AQBkgUECAQYAZIFBAgFGASgBjeAB7bPx2SoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQg5kE0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi02NTE0MTQ1ODkxMzk3MjE4GNHUIg&sigh=U_f_2OAz2hc&uach_m=[]&cid=CAQSTABygQiDb1mAHo_zsaqzNf4vjVGzLY0voCEMkmMGV0ftHpNx9h3Q0IW4akcdewZvCzfY4FM0dIEw37VY_FZ6s-PKArXspoU0Sfmir1YYAQ&template_id=493&cbvp=2
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 152D 15 KB
12 KB 80ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b89348e896a3b64c79b0f13abc7c07991037fe7e49ec613342c69c7f856f6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11761
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 152D 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 13:05:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7295 13 KB
5 KB 141ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:00:41 GMT
expires: Sun, 07 Jul 2024 13:00:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 27C3 783 B
535 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ce49ee6ee73f1ae54213878144d4e5ea677d7f9ffcf93c87b8018e8a286bd10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4TtfxHwRIIE_TKHnWnm2vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4TtfxHwRIIE_TKHnWnm2vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:40 GMT
expires: Sat, 08 Jul 2023 13:05:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 8778 18 KB
8 KB 12ms
12ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 13:05:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42097
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230102-FRA
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8778 76 KB
26 KB 206ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b637b013f0d972b825bbc098cbee14a9d8afcb8bd3fc1386850f8fa0af65fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26171
x-xss-protection: 0
server: cafe
etag: 940 / 19546 / m202306290101 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 13:05:40 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame 8778 0
139 B 245ms
244ms Image
text/html 2406:da12:fbe:4200:8604:c7bd:e790:fec2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNzA4MTMwNTQwIiwiY3RyeSI6IkRFIiwiYWNpZCI6IkRFLTIzMDcwODEzMDUzOS0xMzA3ZDBhMjNmZTQ0ZGQ4IiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6ImM3MWJhM2FjLTliYzAtNGY5Zi04ZWU2LTU3MjczMDgwYjc4YyIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiODAuMjU1LjEwLjIwMSIsImZsb2MiOiJodHRwczovL21iYW50dWwubXkuaWQvIiwiZnAiOiIwIiwiY2R0IjoiMjMwNzA4MTMwNTM5IiwiZGlyIjoidiIsInRwIjoicmUiLCJyZWYiOiIiLCJ0aXRsZSI6Ik1iYW50dWwlMjAlRTIlODAlOTMlMjBUcmF2ZWwlMjBXYW50ZWQiLCJsb2ciOiJiYXNpYyJ9&aid=129520e6-7505-4b75-9c29-7320363b2730&r=EoOQ5rR
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:8604:c7bd:e790:fec2 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7295 38 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:54:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27C3 0
0 51ms
42ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307050101&jk=316664703453236&rc=null
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ Frame 8778 391 KB
125 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 12:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 07 Jul 2024 12:49:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7295 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?59ly4g
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8778 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8778 27 KB
13 KB 489ms
489ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3807978727143595&correlator=1584758999212319&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_pg_300x250_std-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2353456063&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Df87b71d968528482%3AT%3D1688821539%3ART%3D1688821539%3AS%3DALNI_MaYjClfJkPI9XazNjrE8D3WuRRWoA&cdm=mbantul.my.id&gpic=UID%3D00000c38abac9f8c%3AT%3D1688821539%3ART%3D1688821539%3AS%3DALNI_MYbNyRuD6UubIhR1CwECUNboPuf4w&abxe=1&dt=1688821540542&dlt=1688821539552&idt=965&adxs=632&adys=116&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=13ehc0q98zd2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1066862089.1688821541&ga_sid=1688821541&ga_hid=1221160229&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpcXurJMxSABSAghkEhkKCnB1YmNpZC5vcmcYu8XurJMxSABSAghqEsIBCghydGJob3VzZRKsAW55czJJa2VyNUFzdURTaG9tNHFhbXdYWGZHdGZySXE3ZC9aYk5SY2EwS0NQV2FMYVIyOVBSRmN5WGRYUWFyWktDQldCcHJWK0c4Vzk2MENDRGJEOFVlSmRybXhKUUZqYVBodGRzeDJtSUxrTERNRkRkQnc0T1EzUkJ2NXFzd2pHQTFUZE0vZ2lFVXRZOFEyNkpNSGpGUUhoTzVmOFNYSjFjT2lDdVBMZlluUT0YpMburJMxSAASHQoOZXNwLmNyaXRlby5jb20YpcXurJMxSABSAghkEhkKCnVpZGFwaS5jb20YpcXurJMxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVZUaHNVR2h6UTI1VWFVZFZZVGRaTWtORFNuRnZkejA5SW4wPRjZx-6skzFIABIbCgxpZDUtc3luYy5jb20YmMburJMxSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80157e620c3368503e0e3398c25e19b536418a23ab8ad0cbef723cc8a18ff83e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13112
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4C3 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:40 GMT
expires: Sun, 07 Jul 2024 13:05:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8778 15 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aec1a29738e6f71a2cbf5ff28c851ce376e42bb4973aae1634fb946fa3824a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11722
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8778 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 13:05:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F5D 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:00:41 GMT
expires: Sun, 07 Jul 2024 13:00:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0469 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69a96aca6038f225c998327f9124227d8b6624f9003e90798fb92fe9a5a29673

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wkh9Mco239Ak_Nn8EEs7Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Wkh9Mco239Ak_Nn8EEs7Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:41 GMT
expires: Sat, 08 Jul 2023 13:05:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3089 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:40 GMT
expires: Sun, 07 Jul 2024 13:05:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BB65 624 B
307 B 161ms
47ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNTB3d4BMAE&v=APEucNUkLvUHu7LZE1bpS1fGOHvVSsuC_D85OGvAUPQ-omMcK_7pEI1Zx2CSZnznSrMWKVYlRGy4Y5LByGiO7i220ZQS9r-ZePXk3W-DtUl5tyoK-rczcco5AwwV_4jelJNRVtqpE45I5rwHCL6RkqFGY8qmTCXaXONU0BubnLm-aAdhUlcnaKM

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3089 78 KB
27 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b18f906b7ca778339817ae6b31289687188a5cb4ca6904865544e48324686c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28050
x-xss-protection: 0
server: cafe
etag: 6804656964934420094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 13:05:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3089 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxpdiISBTSxksshZi7EsX2vviyUTiwRq_uWjeWP8VwMCblrs7EgXa3lxOFqljRYjd0IIayoITrXbIDYk9uv_IBTA7Y9fpVl0m7lN4U_xMZGfKHGDo

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3089 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12748047110943477749&x=1&ct=77

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3089 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 10:54:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3089 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3089 0
0 17ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNIypUwHEFQCwdUgmCa5_EgGVKtCOe5ufuSCKvS0Fxc9-7KzWvT3pCOodpAqGZvlVIPB_BgYOvjXUoAJhBk0aRjn28TQ
Requested by: Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3089 179 KB
56 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 13:05:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0469 0
0 43ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=3807978727143595&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F5D 38 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:54:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 152D 0
0 45ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307050101&jk=316664703453236&bg=!ycqlyp7NAAb90kgr3dI7ADkAdvg8WrvumtBqhUL6wAJcV15fk93_mbRyTRoMPmDoYPuWLat4p2lZtKW7MqhcP2qeVHNqzSWdbggCAAAAjVIAAAAHaAEHmQKyt8Kq6YYDTz2WVj9zWbf5ghaXi1TQZy6WNUv7JZ8m-fe4dBTRHBHpL7SFkV-r0e2G4wZxUcPFu6yREsAydgTcz-9TAtmPKZ7uijx85n2N_L7NRNCl1GV7TQsJvK3_HONgzAfgY0Bh93WrHS4Y8dyQbmM1fGmwKdQIbAADVKrAMoYWnikacJDm73qYCWR1No6fh2Tjh4qf9GSJ5grgTBZe631kuS80KY_eCcbqGZQYbp4mznCyLvKUqXf0oL7nkcZiATnaZDZhGqS_fCRra_D6vC1SF1lmFF3R70pYnDzOaKAeWmAbIVhozuxEGQTNS-ghzXQoNeufnXlcjtxL-EMOnIH9ZnzWPjNFRR2CXanrya9Td1qT69aZ-ILetxl9HAnzxRA8yNwBrhWwtvrigI-JMIW7yQrd5My73RiFuAmLP0P0rcH6DKlJldb87shH-G2bETFrGs7jjVgr_wwW8G3Q_XRSqgRA4ji9-6t4OYcA3KndvE3Sslia3MyNILBnjQWwe11aybkeLfg17ArkQLwpZFq-syhpJvxwtAGBAJ2kR9QXpPA5XCrdZNBGF7byzYq5CmXHXfkEObGWvqx6ypGwUqeJ0iclto0VBsgVKzGbUuySCZaGs2CeCFKSLgn2rPv5T0XWWzNdeNBeqEnOOCxL5XYgE_ArZwL3yuHFXS2KVHrwkzuqH3KLEfO7tp5hpCcTXsfyTAOLktHfOkn2zQfXlbw0NGCdupyWiEA3vFlKHBEhnaCkstwnvYrCYTsCW8WdCaihRUIItcmZyWSR_nKreaFCA4roGfJpmGAQOXmk84eBfg_Cszed6RzUcuJrltdH015RIMS9YsuZl7-Fl-A-ujg_ot4gDgp0_daL50dJ6PoY8ibU754YWLjfLQ1Qyc9Ondg1ycB3rTW8oiOkbJXPjIoG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3089 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4503982631733&version=m202301300101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3089 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4503982631733&version=m202301300101&ct=77&x=1&cor=12748047110943478000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3089 29 KB
18 KB 78ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq_Tihc9hh6qIwT4Ec0EXKPE-AT66rfqa-kewO1WKIp0YSwBDIpDkDS3JZ9qHKp9wu9wxQIAWHuASxkhsejLE1BpCQSxtekgPCDfQYi5QQ-U61d9jDH9FeKssAh9z16qnwa5wTAG2ETYlL5QFo_sE61NweBH5YbjYwmWwL2EFQMZPRHBM&cry=1&dbm_d=AKAmf-BedkBzXm6X6mxFJPW9fJLW5Zd55XnZsx-9Zw4BU5ta_dlqiuCNbN7sV7nSmP2QxXP_cRIlVJX5e1BIXmh0xI6kACdgambSRyJOo6_7r7l2pkGrVEdN5VqSAFt7pq_Hy4brJIUx6-rMkPjia1_a0y4nkx8qf83Lt5VXz4jgfiPmSpXTiQDUDikTyjt8k3ZzZ939Bg_sH1rcV4pf9jhV_PsCvQfQjW8qlhm8S3EbU2X-1AuzWbYI9Y6rF67nOwrZwUveH9xnxcCFYx9tg987yKuag3h1ZUmhulfHZRMCAn6IG-NDlAEt_v4-vPcxf9YiWNyUVL1DGK6BnMABAoEee_3cXRsWjOGGbQqVYHG20EmXzck51QZ6VRkAniyEHsmJKyt1NbZ597oe77jLlzKerg-Gnd6OE3TaQNvxVqVVIEuu631297-1hzYfxqMZs-OCWWzP6gdrl_hNT4TwG5EgTU0TBpETBygY5i5nZVdI1OY8W6GxFY4sCJQBWGUsXQB_lqioHpmiSMq7OvtusWUCwTxOTd-7NHPNEaat6ubo4g7IqPlBtHfKO5oorSAVJnaKKLvFKD2qyrxA2SZKEzFrEt9OIH4q2YMTvoLyPLoxzfrf7T7k0QMdhq0RnY9g0rekKqYr4vLbyAq6LWlKCB9OzTbA8dFlMwZVP7P2VjmYRKo4RLI6DoN7Zc7Ys5EpuMCy5ojbwRVpYlVeVbgnNMAGg4bX0c7ZSghgHGSBRMMktTv4rw412_oiF6YpFooNMgvNDkaIZt6x7jMASA1guli8JWujq_jtu6oKCCG7Nwbclab9HQBZisdU9dXEWX3sY2tjKTQHQjcCACnsLu6ZizPjUMpMLXEQzH4NSYK8kgCt7qjYZezWH-qlajzj3bl_a7eDbgLuyUwu40P9bRVZbONzi3KKKj3Hap6KG6TlrHvMnDMHaIzr52XfdEl-5-qIn8bkJevfWjYoHLPXXuCkjRG9FZBJK2BFJ6Z1FdFVp1hLdguQozgFtxDIhwMxweVZPb-zj37aIitg0dBirwmkQ5O3KSlu1dnToxME3RW05RU2DdwZcodsmuJ1MeWqf5mViHr_t9xlAWkGKsNybxlqmZ_NlyhT5hfqfWqnRKm5DXkub1--JjmhKF_mWeCK48O9aGK53-h8ihjZzOu-lV4ZjkQt0JI9J0z7MEg3vHEBWXwiD_Yb7q1FAFdLLj2qwy2FhNFG6DjS38mT8KnOejv6x5nsr45Je9Am-Sfw9Ldqvwa0nhPFvUrfPQ3wuByzq9VuGNpCODMdBbUjifpyAL2J55PijbwbuCPq-DWfXrl2bUGZB7i-Qls-YgGmpqhpCZQc1UCRvRXzV07Bwohiyi1VtSWDkJ9Lx6xxgOK9lSxmy-IJ167Ure-T9OUwUjE7t1HQFf0-TcIpPnR3kVR_GBrLj4WnxqhfRFAvWeRHpdPbRs2yGil_H73RduVNqOhGO6CkvKQ2dWcOKA-jNVZdzB7vFys3XZ4pE5LkflQl0XXLysJEtLtNkOEiXbHXz9ETuD-HXaQxUo1fifwXF0JXG9t4RsHmE7x-gX8yFsM-FtP0f3vT4lBzkgnbLXieaDC71IPPJtOqmcAnwoDDZnrrddB02xRUGLzcoSxlEz5LcrPlgob-Tg_VUsYg1OvZgIsLW0pRRPGaX8qRLvzhFOB486it6Tq4ctM5sgwdLyyUPuf3zKVWCKAK2kPwg5HQMwV9jpM1youT9iJ3VzpDEAalx9q91bTn6DtXYQi81xx3UJNopMtEE9R_mLsc6q5pq57PL0pbixgd94zC-QYFBD78DqNnNQXsCbP_1rWOS1QW2ZmiS8JJc3Hb9SiDZU7egjFixhj5NradppOKnOGTnbCuxq-v4QHgSbArsei0q0s2XpDobnVxqoHoupRPQD71dJ1KjwNZWxHmA_2neB1Y_sMPnaFZINsQf40BveXsPR8BLSSaqM6C4zJDhP_k-2gE_2Rtt2jxzrPbKnX0co8rqUgiuGeRp-0QLBGKS2OR7qn3mfLDQRUtege7lhkRiBoGnOG84hk2uJP4u0j2D6BVEyga0XTrSXflKz3Q4cNgFkPP_Hfc-o3iXsaHIGa9njY-jzngo9cVaR4dsRPLNRCSjIoxUqEJwHF8J8tTT2UdM-oqAXUhEXXfA99zvZbRDbdznAadbBPQEIqOs-keB-Vpmbf1PN4rFZ9JGWrcyh23y0ZBpifJZ6vv3VMZp61dHylHp5JqN1Bwfwl93arAAXxB2Yi_RRNqK2oVriVJLzFFx-L3JccMRB-daNtaGwz1LN1WlwpFNOEruzrj4vSlpuVcw1XBC4FPg6YYMRd7qbaxAaec9OYtxTQ5cxUYrwTavB_TzWES0VOrnq1sUFQYogR4psZaq_hgqRmerQq1N4sVvkR4RqErPwy64fXouYb4BDe8reqyoHuBGsvmfVn1omhXfvuR2mCsScWoGuetbTnzZTTWsAurHZI7TtUlDKxwQyDwGLZ8QAEklV1v-29mWkh6E5BqxTHjetB5iMD4Dazk9bFfd99zx7Tdko-Ss3811Ko98RZgoZojGdmq6zClhz02-W5_uCRvUW8N8Ip9pkIVqpV2w4EqNjTYxjgmAy32RSvVa0S2R8WawPx_op-lZFa4kyGPbHnGxZHx-4xrVGhlJXkpoyp5UqXBiDm6B1gJtGAcYC1YLSTXKDD5tJEk1TyUFArKYm-Lds9Oxy04CCweeWMVh4bUnjcqjkC0LxmCOHtdVQuTWVLt8LrZLz_6Vkew9FTsv52TC8Ub5tq2Pc-BgqJJ_zPCsGTr884x7NhIeR4v9tdtsc1kf6y0WtnzqTIhjAZ7Lpxqkihqctku7qkE8ZbiC_7kzJlZMetOiKnuaDjejL2C_s9CBGDj9hR4BLHo97lD4SKDqOtti4FZt41Cp8soEppV88ia4840GviYqbz_t8TsRHmdasylNZ-4I0XgLLthiYFnYTm7-Oh7LrGlID1WHg7V6cyvZB61FYefR-fZ-zdco6HpW5NrC4mkgpiB5qm0E4J_hl7J8TI7_Mq6MAR2II110dYeZvl7tO_71nYhhHbwu270x5ch6ZrY58ZGx5Due2DNHZgYL0KEO5UIqfybAopENVAwHnoqx_4G5i322JNBd9ggqJDSEyM1ssG8VtKP8z21oEc8tXu9L5oFVWzxcQwOtZoulkADdaN_Dm-CBga8RqPDYeqw0-yi1N66i6LAIRKX9nTwPGm4xOhvPo3TVc9O_ocsBZJbl7SNmu7493qlzx6GVqK676sAXvV1WSDKsO20PwKt-KE3-uVtO5mA4xO5hpZw4q2FzT_1gF2KjXZR_cJnTNZWwdrxULGLY7ui-QDNwJk9Ry_ODKa1Xrg9Fo8P3612yrt7iFGMSqrgIIaXSvLa5LCb89YFHqDz0ndJWKjpjp5tx_Knel2fGMRkft9S0yZFGUCkNnOZRfoDAI9lbj0kRVmMtLQo7FYZnPh8KLKA282dKgDVcchMlPaY6lHDfD4We_mZj5LLh1uPffQbwYzqktXT7V0XN8gBkKim5cEy-DaVbdToJno3mHSqMtr8K9MRzTSaTE0TJ8OtpSc5x8amwnGTwdorsPk3sILHcMMVb9nA2sXvtUKtKf24b2sOv-3SHEiRrzRuGrMS9rWMV1S95s2VFGwjs6ja&cid=CAQSPABygQiDcuXU6onK1VPr8mRwAPKUf3Hmsv6FuKWQrtxXw-qg_c2O2YNBsWwSzMhHD7-k0OuRB1ljWxB8YRgB&dc_eid=31075529&dv3_ver=m202301300101&rfl=https%3A%2F%2Fmbantul.my.id&ds=l&xdt=1&iif=1&cor=12748047110943478000&adk=3225955939&idt=58&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9dccd0ba234b19ebeea1829a621f9f73e1b0f27e07360e471a4f9ca6b20bf8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNTB3d4BMAE&v=APEucNUkLvUHu7LZE1bpS1fGOHvVSsuC_D85OGvAUPQ-omMcK_7pEI1Zx2CSZnznSrMWKVYlRGy4Y5LByGiO7i220ZQS9r-ZePXk3W-DtUl5tyoK-rczcco5AwwV_4jelJNRVtqpE45I5rwHCL6RkqFGY8qmTCXaXONU0BubnLm-aAdhUlcnaKM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 13:05:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKlfJbk-iLKH2F5nVLb4RgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNTB3d4BMAE&v=APEucNUkLvUHu7LZE1bpS1fGOHvVSsuC_D85OGvAUPQ-omMcK_7pEI1Zx2CSZnznSrMWKVYlRGy4Y5LByGiO7i220ZQS9r-ZePXk3W-DtUl5tyoK-rczcco5AwwV_4jelJNRVtqpE45I5rwHCL6RkqFGY8qmTCXaXONU0BubnLm-aAdhUlcnaKM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 13:05:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHMU063sg8XFAwsQRKzlNg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BB65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBKkj0Hj35RP9cr-_A3W-zw&google_cver=1

43 B
840 B

15ms
14ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBKkj0Hj35RP9cr-_A3W-zw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNTB3d4BMAE&v=APEucNUkLvUHu7LZE1bpS1fGOHvVSsuC_D85OGvAUPQ-omMcK_7pEI1Zx2CSZnznSrMWKVYlRGy4Y5LByGiO7i220ZQS9r-ZePXk3W-DtUl5tyoK-rczcco5AwwV_4jelJNRVtqpE45I5rwHCL6RkqFGY8qmTCXaXONU0BubnLm-aAdhUlcnaKM

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
an-x-request-uuid: 33af0f63-0cf7-41ba-94b0-88c3e82499c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.201; 80.255.10.201; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBKkj0Hj35RP9cr-_A3W-zw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB65
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEwNDE5ODYwNTAyNjEwMTY0

170 B
243 B

18ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEwNDE5ODYwNTAyNjEwMTY0

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
an-x-request-uuid: 4f92f76c-fee3-4ce6-9a25-2e7a7b70460a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEwNDE5ODYwNTAyNjEwMTY0
x-proxy-origin: 80.255.10.201; 80.255.10.201; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 3089 30 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq_Tihc9hh6qIwT4Ec0EXKPE-AT66rfqa-kewO1WKIp0YSwBDIpDkDS3JZ9qHKp9wu9wxQIAWHuASxkhsejLE1BpCQSxtekgPCDfQYi5QQ-U61d9jDH9FeKssAh9z16qnwa5wTAG2ETYlL5QFo_sE61NweBH5YbjYwmWwL2EFQMZPRHBM&cry=1&dbm_d=AKAmf-BedkBzXm6X6mxFJPW9fJLW5Zd55XnZsx-9Zw4BU5ta_dlqiuCNbN7sV7nSmP2QxXP_cRIlVJX5e1BIXmh0xI6kACdgambSRyJOo6_7r7l2pkGrVEdN5VqSAFt7pq_Hy4brJIUx6-rMkPjia1_a0y4nkx8qf83Lt5VXz4jgfiPmSpXTiQDUDikTyjt8k3ZzZ939Bg_sH1rcV4pf9jhV_PsCvQfQjW8qlhm8S3EbU2X-1AuzWbYI9Y6rF67nOwrZwUveH9xnxcCFYx9tg987yKuag3h1ZUmhulfHZRMCAn6IG-NDlAEt_v4-vPcxf9YiWNyUVL1DGK6BnMABAoEee_3cXRsWjOGGbQqVYHG20EmXzck51QZ6VRkAniyEHsmJKyt1NbZ597oe77jLlzKerg-Gnd6OE3TaQNvxVqVVIEuu631297-1hzYfxqMZs-OCWWzP6gdrl_hNT4TwG5EgTU0TBpETBygY5i5nZVdI1OY8W6GxFY4sCJQBWGUsXQB_lqioHpmiSMq7OvtusWUCwTxOTd-7NHPNEaat6ubo4g7IqPlBtHfKO5oorSAVJnaKKLvFKD2qyrxA2SZKEzFrEt9OIH4q2YMTvoLyPLoxzfrf7T7k0QMdhq0RnY9g0rekKqYr4vLbyAq6LWlKCB9OzTbA8dFlMwZVP7P2VjmYRKo4RLI6DoN7Zc7Ys5EpuMCy5ojbwRVpYlVeVbgnNMAGg4bX0c7ZSghgHGSBRMMktTv4rw412_oiF6YpFooNMgvNDkaIZt6x7jMASA1guli8JWujq_jtu6oKCCG7Nwbclab9HQBZisdU9dXEWX3sY2tjKTQHQjcCACnsLu6ZizPjUMpMLXEQzH4NSYK8kgCt7qjYZezWH-qlajzj3bl_a7eDbgLuyUwu40P9bRVZbONzi3KKKj3Hap6KG6TlrHvMnDMHaIzr52XfdEl-5-qIn8bkJevfWjYoHLPXXuCkjRG9FZBJK2BFJ6Z1FdFVp1hLdguQozgFtxDIhwMxweVZPb-zj37aIitg0dBirwmkQ5O3KSlu1dnToxME3RW05RU2DdwZcodsmuJ1MeWqf5mViHr_t9xlAWkGKsNybxlqmZ_NlyhT5hfqfWqnRKm5DXkub1--JjmhKF_mWeCK48O9aGK53-h8ihjZzOu-lV4ZjkQt0JI9J0z7MEg3vHEBWXwiD_Yb7q1FAFdLLj2qwy2FhNFG6DjS38mT8KnOejv6x5nsr45Je9Am-Sfw9Ldqvwa0nhPFvUrfPQ3wuByzq9VuGNpCODMdBbUjifpyAL2J55PijbwbuCPq-DWfXrl2bUGZB7i-Qls-YgGmpqhpCZQc1UCRvRXzV07Bwohiyi1VtSWDkJ9Lx6xxgOK9lSxmy-IJ167Ure-T9OUwUjE7t1HQFf0-TcIpPnR3kVR_GBrLj4WnxqhfRFAvWeRHpdPbRs2yGil_H73RduVNqOhGO6CkvKQ2dWcOKA-jNVZdzB7vFys3XZ4pE5LkflQl0XXLysJEtLtNkOEiXbHXz9ETuD-HXaQxUo1fifwXF0JXG9t4RsHmE7x-gX8yFsM-FtP0f3vT4lBzkgnbLXieaDC71IPPJtOqmcAnwoDDZnrrddB02xRUGLzcoSxlEz5LcrPlgob-Tg_VUsYg1OvZgIsLW0pRRPGaX8qRLvzhFOB486it6Tq4ctM5sgwdLyyUPuf3zKVWCKAK2kPwg5HQMwV9jpM1youT9iJ3VzpDEAalx9q91bTn6DtXYQi81xx3UJNopMtEE9R_mLsc6q5pq57PL0pbixgd94zC-QYFBD78DqNnNQXsCbP_1rWOS1QW2ZmiS8JJc3Hb9SiDZU7egjFixhj5NradppOKnOGTnbCuxq-v4QHgSbArsei0q0s2XpDobnVxqoHoupRPQD71dJ1KjwNZWxHmA_2neB1Y_sMPnaFZINsQf40BveXsPR8BLSSaqM6C4zJDhP_k-2gE_2Rtt2jxzrPbKnX0co8rqUgiuGeRp-0QLBGKS2OR7qn3mfLDQRUtege7lhkRiBoGnOG84hk2uJP4u0j2D6BVEyga0XTrSXflKz3Q4cNgFkPP_Hfc-o3iXsaHIGa9njY-jzngo9cVaR4dsRPLNRCSjIoxUqEJwHF8J8tTT2UdM-oqAXUhEXXfA99zvZbRDbdznAadbBPQEIqOs-keB-Vpmbf1PN4rFZ9JGWrcyh23y0ZBpifJZ6vv3VMZp61dHylHp5JqN1Bwfwl93arAAXxB2Yi_RRNqK2oVriVJLzFFx-L3JccMRB-daNtaGwz1LN1WlwpFNOEruzrj4vSlpuVcw1XBC4FPg6YYMRd7qbaxAaec9OYtxTQ5cxUYrwTavB_TzWES0VOrnq1sUFQYogR4psZaq_hgqRmerQq1N4sVvkR4RqErPwy64fXouYb4BDe8reqyoHuBGsvmfVn1omhXfvuR2mCsScWoGuetbTnzZTTWsAurHZI7TtUlDKxwQyDwGLZ8QAEklV1v-29mWkh6E5BqxTHjetB5iMD4Dazk9bFfd99zx7Tdko-Ss3811Ko98RZgoZojGdmq6zClhz02-W5_uCRvUW8N8Ip9pkIVqpV2w4EqNjTYxjgmAy32RSvVa0S2R8WawPx_op-lZFa4kyGPbHnGxZHx-4xrVGhlJXkpoyp5UqXBiDm6B1gJtGAcYC1YLSTXKDD5tJEk1TyUFArKYm-Lds9Oxy04CCweeWMVh4bUnjcqjkC0LxmCOHtdVQuTWVLt8LrZLz_6Vkew9FTsv52TC8Ub5tq2Pc-BgqJJ_zPCsGTr884x7NhIeR4v9tdtsc1kf6y0WtnzqTIhjAZ7Lpxqkihqctku7qkE8ZbiC_7kzJlZMetOiKnuaDjejL2C_s9CBGDj9hR4BLHo97lD4SKDqOtti4FZt41Cp8soEppV88ia4840GviYqbz_t8TsRHmdasylNZ-4I0XgLLthiYFnYTm7-Oh7LrGlID1WHg7V6cyvZB61FYefR-fZ-zdco6HpW5NrC4mkgpiB5qm0E4J_hl7J8TI7_Mq6MAR2II110dYeZvl7tO_71nYhhHbwu270x5ch6ZrY58ZGx5Due2DNHZgYL0KEO5UIqfybAopENVAwHnoqx_4G5i322JNBd9ggqJDSEyM1ssG8VtKP8z21oEc8tXu9L5oFVWzxcQwOtZoulkADdaN_Dm-CBga8RqPDYeqw0-yi1N66i6LAIRKX9nTwPGm4xOhvPo3TVc9O_ocsBZJbl7SNmu7493qlzx6GVqK676sAXvV1WSDKsO20PwKt-KE3-uVtO5mA4xO5hpZw4q2FzT_1gF2KjXZR_cJnTNZWwdrxULGLY7ui-QDNwJk9Ry_ODKa1Xrg9Fo8P3612yrt7iFGMSqrgIIaXSvLa5LCb89YFHqDz0ndJWKjpjp5tx_Knel2fGMRkft9S0yZFGUCkNnOZRfoDAI9lbj0kRVmMtLQo7FYZnPh8KLKA282dKgDVcchMlPaY6lHDfD4We_mZj5LLh1uPffQbwYzqktXT7V0XN8gBkKim5cEy-DaVbdToJno3mHSqMtr8K9MRzTSaTE0TJ8OtpSc5x8amwnGTwdorsPk3sILHcMMVb9nA2sXvtUKtKf24b2sOv-3SHEiRrzRuGrMS9rWMV1S95s2VFGwjs6ja&cid=CAQSPABygQiDcuXU6onK1VPr8mRwAPKUf3Hmsv6FuKWQrtxXw-qg_c2O2YNBsWwSzMhHD7-k0OuRB1ljWxB8YRgB&dc_eid=31075529&dv3_ver=m202301300101&rfl=https%3A%2F%2Fmbantul.my.id&ds=l&xdt=1&iif=1&cor=12748047110943478000&adk=3225955939&idt=58&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3089 41 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 3089 43 KB
18 KB 519ms
169ms Script
application/javascript 107.6.90.94
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 107.6.90.94 Santa Clara, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sat, 08 Jul 2023 13:05:41 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sat, 08 Jul 2023 16:05:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DE0D 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 23:27:48 GMT
etag: 48472445140208031
expires: Sat, 08 Jul 2023 23:27:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3089 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf78d15a96143473950bbf96243ec0113754a1389709747101e24cc7f108e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E7F7 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 163971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F5D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?O-9Zyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE0D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekQxSFVucmgxUWk3RDc1&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNR...

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekQxSFVucmgxUWk3RDc1&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNRZe18s6OdiwH-o3LS4pmhwk0rp9tbOwQlKX4gTf3n4bNNDeCOqxg8

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 13:05:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0619b9270e7789dc9@us-west-2b@dxedge-app-us-west-2-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekQxSFVucmgxUWk3RDc1&google_gid=CAESELsSiZ2GoDII1qJIhMPpbyY&google_cver=1&google_push=AaAOQGE0q26Ueetf6uu9uTXystANw6t9loMv8W07Qi1kmNRZe18s6OdiwH-o3LS4pmhwk0rp9tbOwQlKX4gTf3n4bNNDeCOqxg8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE0D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIh2fFnxUiNbB5aUOOeU4Jg&google_push=AaAOQGGg3xkHm_02ASwf4AGQwvOP9-PshV4OZFG-zCfoWx_kgFuGU6PyPP...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIh2fFnxUiNbB5aUOOeU4Jg&google_push=AaAOQGGg3xkHm_02ASwf4AGQwvOP9-PshV4OZFG-zCfoWx_kgFuGU6PyPPFD5HIyb62Rg-Vlc1-1BW7_-jixaDfM4MW6OQeFn4o

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688821541.381399,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIh2fFnxUiNbB5aUOOeU4Jg&google_push=AaAOQGGg3xkHm_02ASwf4AGQwvOP9-PshV4OZFG-zCfoWx_kgFuGU6PyPPFD5HIyb62Rg-Vlc1-1BW7_-jixaDfM4MW6OQeFn4o
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE0D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAJJ2K9wOwr_SwkwK9Q1qDo&google_cver=1&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOkE3tZAhgRpPEU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C36945FD60ED4BCC85DF5D4CC76E34CC&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOk...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C36945FD60ED4BCC85DF5D4CC76E34CC&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOkE3tZAhgRpPEU

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 13:05:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C36945FD60ED4BCC85DF5D4CC76E34CC&google_push=AaAOQGH4iugrF9-Ihjvi0w8bMUYn6rjdiDlEY7wZrWD7O1YkINKJxYky79nDHS89atG8XxtKEbJiZE1Nb_0kqOkE3tZAhgRpPEU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 07 Jul 2023 13:05:41 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DE0D 70 B
265 B 99ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIKrPAbt4a1_1ojdGXvpgTA&google_cver=1&google_push=AaAOQGHZWmabyNpLdi7QV-TXPC6eE6A2PB-e1mqgrxL4B46XkXoQcQMR4mYB7w6gwoyPL9VscH3NwaKmmjhKbSn3h6Q57GPeZB4
Requested by: Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DE0D 0
173 B 46ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKeUDfx5PT_-QdHZalbJP_M&google_cver=1&google_push=AaAOQGHwQCzR9PfZ6Q_Pt6iGOXSWXYRDEQBJ0P2QXMBSLfyuMCW9JVIUIeAlvWsnX5bqZrNzrolUDQemRVFZhTG1MiBOnKG4Aj4
Requested by: Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE0D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=X8-6HZ6SQBq7djVNSswteg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=X8-6HZ6SQBq7djVNSswteg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFF0HYwVJKLS_XT-sIqpX--V-qBTTtKpJFL3qxwd_nITPPlxXuKFb6aPfn6UbBwdLQJXlsGW7GmvXPzpyiHVkpH_rvJen0

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=X8-6HZ6SQBq7djVNSswteg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFF0HYwVJKLS_XT-sIqpX--V-qBTTtKpJFL3qxwd_nITPPlxXuKFb6aPfn6UbBwdLQJXlsGW7GmvXPzpyiHVkpH_rvJen0
date: Sat, 08 Jul 2023 13:05:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame DE0D 0
45 B 111ms
17ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKmi4OzH6Cme4mEpb-jJv2s&google_cver=1&google_push=AaAOQGEoKcMIExo0hGgW7rJU8sKW6lTYdGyiwm8eiQkB5_c-byx6hOy368vyStjLSekzcl8bncBo0rLtWPMyDhJInwuQ3k90qQ0
Requested by: Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DE0D 0
50 B 17ms
15ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7QGs8gPy6WjEf-PiTUZl_EzJ2DCSko9MSMnCG8a_-XzaNr2TG-6hEuN-ON6ViqNctjlue

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame E7F7 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 10:54:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7F7 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk9KdJV-pZKOzDZSQ3wPqyI-IBQAAAAA4AeAEAg&bg=!Q0ClQBTNAAb90kgr3dI7ADkAdvg8WpkkW6ARtkc3M2wSWybkkNivnwc3wUPuFO4JgB-mGp7eeOJQbXa4VaV4Lx_1V0Tfg-06GGwCAAAARFIAAAAGaAEHmQMkEt-io43b3HLWu3SBtVWLJuwQgTTPr1seY4mKAT9-2RpLWd2mBu0kNgAUPj8XkkAFO0ZTb1SzKBBV92Rpc2jRCf_yjXrAyOLdufaK_bpPy7Ntpfv2VSUh5DW2fUVtT0sG2gBnxHVmPkjoQD3bshGKKldZwPR6_7ZwfAi5q0YV94SZC655XQTQrPmkp6gVv_NHwYfdh0S4LFjFnVt6FLaXM1MJ7XSjsPaLzdJaacbDDxDvqd4m_Mj8gSUXnQT513Emr77YZPsiSoAsOMYtUbq-UrkXBiPyUcrVk9wqAO80xGRfZKMkDkGvbosISHN1LCzPsLFKVF9QQoqhquilHzCq0aWDRLzD3bsS_h9fsU-iYn-1BTJ6TacUmIcWDAvZE9ndnxLd25UFqaXUwi1kSJ9l_kYZT0idwYphO0za8MQLmm-7kbYNh1M7L3o8hnlT-ih6fYCPHbFSV6IZPE71z5bkVclza0QupmnraP_LV9SLSVJszWeLnvnGL8_fEFGq9KmcgKQtyEPAjxjC3TT0khaNJRtnQYJvMtNATd2uzgSAqXkusDZqh7pD_gFZu8m2eiVsENqANj540PfPn0Ec5Xucb4xyr2J2Rg3-7sx1R_4Q9rHFnj8FClSWzyttloHfzMbU52XXvbH1FGlwALGX6wrhA65w2Hs9EotekqW-io-MZgwLVj2rng5wiL_2sMYB-VU06gFfcQBIK_usgLwxL-cr-pv3Vo6eP7JuIWiESEBxJ3EPdXPgQ18Zz6DS_QE-QRvsXzSQoCALLe_NkxT5kBoEcyTnR9mR5cCXY6ZAqgPCOIAW-5Sbppqkmwkuzq9hMVMQpWdHFM17msPXzMudSfj-btW3DMfKnv_Fl6yxy8N765Xpx-gpjokB4yGtFqsabQX8TtMBIBXzjQ7ZZ8JI6QyhFiS7h-4ef-2ld5_A2LVmFSSQJMAVajtBoh5KVqr-jYmBMV_ywxtezqoOwCEvjMAHU8S7gurhKTam8jmj2nKPNG-Xyp3pO6nU5sZMO4HZ9jFGsH0djOK_iRBhn4xiWQZp32iAn3koEiwKYDsM75Nt9MuWvLGo

Requested by

Host: 7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
URL: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8778 0
0 44ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=3807978727143595&bg=!FxSlFEDNAAb90kgr3dI7ADkAdvg8WpvAtD4byKnrwiL2LvyybUwk5xRR43RkmNVsDOazeUhAYScgdCCwsboAk0amkaKR4tM8CvECAAAAl1IAAAAGaAEHCgAwYK-TL6CqnYZ1FAon-uJj7vHQS2Oxur6aKjM6Mvjmgh3550AfWDzDFw-iZxwn9P1rmQLPSvUDPGuC82F9meX5EoTqyI4vChxv4RMdjg_Yi79zOSNcUkMAEKNuLml0qpjhRaj0zwWv-BnSsnZ1kR7X2TKhQaVNrMH5dMBUIrjiwMoSKdCXEzdD-dcnhBKMutDL-kPBjiGlzczUIbvGxHq1tlq2dHGfgG1ildpmcI9wyXlHlOirjvL7LOj1j7_KBqP3sT7LC3EKsFpLh5FLwMbZ0jjMGRVEi7ZJhbd5Jel1Pg_Dy8cKuQP17f04y1UAE1FES1sXMW0St-JlqUt3afq_qRqHDlFDgu321lyfXBFGKQ8rSehVWXYGP-P-X9QdPu-FfERz2aa3EGdxM34vpHzMmpceXu0xMYv-sbCMQbvaLIysigQUdWdGdQaFjNBb9zfYrY3EBDZkaDDVhSskZF-cNqBTXjsp9gQMYXrzz7SWrrAJbAr9j2gPWveTMmw4wSJjgz4xvgis5U_n6G0EC1M-EDif2CTdoZ-pl0X8-i5QVzY7F2FH5CiNclpPT8L1TfIdvSJf2WZICQgVqFmMetIjCfGPlXh2c6F6fSIy6nLdD00ypWqQqYG1pnR387szKGQKGxMefvBqiERdgT3LTXVpDFuIuC6UtlukEG2CCLc8f9J1pykNhZhIymKBVF6Noy_eJOjlsgXtLBvwg7tlIC3NkKMGxzrOWpWN4XqVmC-O_jXy18h8H7w07Jo7Gj3-Pl7coVX6QzHmk4pg5P4mF5kCL5bKVS1-Fdyp5fZOAVkIiYvLakBzP2lhBN6v6Uus7DXzvxI5Z_npiVxa2Ywu_yU4KmimuAXp6DsbyHt98Z9Lh7NRMY51oyHIjmylGdRZh9gbTR-eJLRUv2Dy26oZsHdWvIWQD4yy2GNKdwA90zWG3BP67jUU3l1b8wMIu0ZdMkhGDFcomMKn3aLWHiVmULMvZFj5EppYlxhBJwyyPFEWG6YEEYtyYjyPbVetkRGvqIA-EAs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame 3089 20 KB
7 KB 368ms
86ms Script
application/javascript 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D20) /
Resource Hash: 6b6e60142056a80251c1cf0fa9204219d00fb3e8d981c643e69163c29c505a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 17:15:25 GMT
server: ECS (nyb/1D20)
age: 127
etag: "6491dead-4ef0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7288
expires: Sat, 08 Jul 2023 13:15:42 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame D819 2 KB
1 KB 360ms
85ms Document
text/html 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 594
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Sat, 08 Jul 2023 13:05:42 GMT
etag: "63e39f33-744+gzip"
expires: Sat, 08 Jul 2023 13:15:42 GMT
last-modified: Wed, 08 Feb 2023 13:10:11 GMT
server: ECS (nyb/1D23)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3089 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP6hzvAzhR9miuSSdxjn4prIcys5DINrxv-Ng5v-7dYpRO4sKmYzFMXp5GnrFeoO_IxOBZuenh1Ng65UGX8AbFjuC5CdaupyFHWErWTNgkuANbrL3FqsLYLD7eJ3NVQkvVDiQKhp59CFsK&sai=AMfl-YSRXeyM6vJHg0SvvvMhXbZGGTKhycdOQ2-0ETfd74EnaY2Hn5HLM8doqBpPuZd__8P9x6Ys9tWjKaPlSlRnFrJtqWsd4cTvOqfT6hJsD7vSmkaVgRxqhsxcqEWn&sig=Cg0ArKJSzEHoiZ2CDA9oEAE&cid=CAQSPABygQiDcuXU6onK1VPr8mRwAPKUf3Hmsv6FuKWQrtxXw-qg_c2O2YNBsWwSzMhHD7-k0OuRB1ljWxB8YRgB&id=lidar2&mcvt=1000&p=116,632,366,932&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2353456063&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688821541052&rpt=240&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236612 Show response
ads.revjet.com/ Frame 3089 201 KB
33 KB 187ms
187ms Script
text/javascript 107.6.90.94
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236612?_plc_id=111756809&_key=ecf&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5AxdJF-pZNHoI9nL7_UP08qMwA30nbm0cc6x47DEEcCDgOyQAhABIJm1iUNglYKAgJgHoAG5rJCLKcgBCakCtmvPTG1msj6oAwHIA5sEqgSMAk_QNiQVRNdUkF_KMruC2ktdu9r44CoA5TA8CR2mfXsD0OVaNAp_7wctjc9i-nTGcfPOyxRTrcXDFkfoEFEroEqsBAQVlX_1QvPLBMJoIuZGrLKJKlEghdvIZzBP_fmNVEhdBV0_fmjg1cz_PLT6LofcYNJve2RNeW7riDnrai_KE6la7VwRphMQlpF3ZoTKLNqg7Qe4NT97AB63Elg8a-UjYoBDz-OetxwOINmzM1fldmAr-rCMD0q8kapPm-04dpiaczdzBghV_yYq6LEYhUkHcnJzgmaDeeWRK-2j3NQrvG_-Z_mg-q6ftIzvZje1jfXc6ex-KNU-yNf4IJdjHSfjJEFtvsiZknJFSOPABKmR_KevBOAEA5AGAaAGTYAHueTg6gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxArATxP74E9gTDYgUBdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPABygQiDcuXU6onK1VPr8mRwAPKUf3Hmsv6FuKWQrtxXw-qg_c2O2YNBsWwSzMhHD7-k0OuRB1ljWxB8YRgB%26sig%3DAOD64_0Km7xyuw24VthhBrqfMFQ24R6R9Q%26client%3Dca-pub-5111137191506013%26dbm_c%3DAKAmf-D-MVrgxWcRbThETaAv7RPY5JVjWl6I0lWQoWrkL4dE3jfKEz236kvfrkOJFU5soAzYD67gFMlQysfaRrgIA8XMjv1cbVvSikVVQ7SdcDcE4ezQA56ILTERkuJlYJflQiwIM4z9FKO8EFOF2CdeC60phqhDXfBT7KCeqa3_-7ov35ABjL8%26cry%3D1%26dbm_d%3DAKAmf-CHANU1dRG50Y8gnKSiG2rhcE0mShbAt4KbS9dD01SAfPPDeKtYQdX4ZRP8kbGVFY5GBDvPRdXCXWKk7Az-OXEgV3eynLxSCjxPtYVuR0WNGGo3qE6XTtmBifbK1d2zgW_F3V7bDcytdMcqI6cabDE98IgRp4R0K0YbRjjkguKEgcHO4nuPNxZv33H_da_e6tm-1SMwGzpddPCIJAUJ6wqrnO1BJT7kIosmHpILaSR_95atbwJLdORbNSATm-cVEnuhTOKEMeHA2HibtPke3_fi4lFPbHs9AZMBB5qNxv_aahETV2O-V3AmS7GNe5z-RqJHmc1ReZJhAnzKmeCHiXvT8ttRmcGykYa80SSnhwynLQKgsXqG9mxP-VWhO3RMYx_vGms4YkVqAFEP7chS7Hu6rmJZZu6PebnF3i_CG3P5PUDtlEdb1ODALXgpycaPC8OlGAd_53bwufumlPyLKL7_CRvcTXhUV4fjHNLPF1wIKjKgAr0iQ7w4NWBGiIrCaR3cxKQlwarQ5-hWzJQhPvHE8-84w-PnEHjN_1OJyc_3N4myjt4%26adurl%3D&dv360_cmp_id=20318504604&dv360_li_id=1013572237&dv360_crv_id=467099860&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&_js_site_ref=https%3A%2F%2Fmbantul.my.id%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=193cef074af4542d5415_1688821542335&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fmbantul.my.id%2Chttps%3A%2F%2Fmbantul.my.id%2Chttps%3A%2F%2Fmbantul.my.id&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1688821542337
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 107.6.90.94 Santa Clara, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9408479ab84423bf3f90fccfc6fef952318979e6079588e6e61d1c31a8a7072f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip52971
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6287 167 KB
49 KB 430ms
173ms Script
application/javascript 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D25) /
Resource Hash: d73c41339127fc7c07b24b52089d5aad8caf7addaaf284fc71347a86487cf49c

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Origin: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:43 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 09:05:05 GMT
server: ECS (nyb/1D25)
age: 280
etag: "646b3041-29ce3+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50436
expires: Sat, 08 Jul 2023 13:15:43 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 6287 43 B
170 B 563ms
171ms Image
image/gif 72.251.234.22

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=979de7d8137f38fd6a23d0ab2dad428c&__adt=8240603961418564557&__ade=1&vid=5077623867101130263
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.234.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Jul 2023 13:05:43 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 square.jpg
cdn.revjet.com/s3/csp/1680014892294/ Frame 6287 866 KB
867 KB 87ms
86ms Image
image/jpeg 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680014892294/square.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D06) /
Resource Hash: 0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
x-amz-version-id: 3fPaQivslqxi3yIkxxJfWm_vcpkRhCV.
age: 1139
x-amz-request-id: 89DV2W517N0B2894
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 886632
x-amz-id-2: aF2iwqJJVx76GAi4cVUr8Qt/LceSSk+Csi4c54pS8JZeduk1U/MGB+atFPNVafVrh1jDddYW9tA=
last-modified: Tue, 28 Mar 2023 14:48:27 GMT
server: ECS (nyb/1D06)
etag: "7edde919394f0ebd665a2aba0ea6ccbf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Sat, 08 Jul 2023 14:05:42 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6287 56 KB
15 KB 87ms
85ms Script
application/javascript 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D16) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 21:15:20 GMT
server: ECS (nyb/1D16)
age: 435
etag: "646fcfe8-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sat, 08 Jul 2023 13:15:42 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 6287 632 B
647 B 257ms
256ms Image
image/svg+xml 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1DD2) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 428
x-amz-request-id: 5ZA042TKTGMPP99H
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: ncEjq516MKml4qz0P1ehP3PdUSXpoGG/N0W+kxeeUTt4aIAr2Xtd2JFD/4m+Z5MyH4sjAv7M244=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (nyb/1DD2)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 08 Jul 2023 14:05:42 GMT

GET
H2 200 Logo-Wordmark-noShadow.svg
cdn.revjet.com/s3/csp/1679927261226/ Frame 6287 7 KB
4 KB 257ms
256ms Image
image/svg+xml 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1679927261226/Logo-Wordmark-noShadow.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2F) /
Resource Hash: 27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
x-amz-version-id: _LI8vXFq5W37Tvc9LZcnQweHjqGcRfe8
age: 3478
x-amz-request-id: 7N5XYN2MJB58QTMQ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3634
x-amz-id-2: Xb8IR4Hm2LETLr3+r/GfJYIdVuRUEWKsYuyOzp7zd0LKYFra7JlEbG4OIKNZJ2TF54Fvj2Rm2Pc=
last-modified: Mon, 27 Mar 2023 14:27:43 GMT
server: ECS (nyb/1D2F)
etag: "66704ffec01c0a05020997e7776a8b76+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 08 Jul 2023 14:05:42 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 6287 7 KB
4 KB 257ms
256ms Image
image/svg+xml 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D16) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 427
x-amz-request-id: DVKJ6B9XXQZ606TA
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: kVNfkgfCTYX0NapAKmn+mhojUK3X+D/amvYgWqc3a4CNzbfZTFvKWFgbiMlbPI0oXGXhBH+Fd2c=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (nyb/1D16)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 08 Jul 2023 14:05:42 GMT

GET
H2

200

B29257362.357505515;dc_pre=CMX3lMGW__8CFabtuwgdjfYOTA;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688821542436
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 6287
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16888215...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_pre=CMX3lMGW__8CFabtuwgdjfYOTA;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

28ms
28ms

Image
image/gif

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_pre=CMX3lMGW__8CFabtuwgdjfYOTA;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688821542436

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 13:05:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505515;dc_pre=CMX3lMGW__8CFabtuwgdjfYOTA;dc_trk_aid=548397857;dc_trk_cid=185252476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688821542436
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 6287 43 B
169 B 558ms
171ms Image
image/gif 72.251.234.22

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=979de7d8137f38fd6a23d0ab2dad428c&__adt=8240603961418564557&__ade=1&vid=5077623867101130263
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.234.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Jul 2023 13:05:43 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6287 34 KB
34 KB 329ms
86ms Font
font/woff2 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D11) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Origin: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:43 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (nyb/1D11)
age: 64
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Sat, 08 Jul 2023 13:15:43 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame 6287 34 KB
34 KB 411ms
258ms Font
font/woff2 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2E) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Origin: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:43 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (nyb/1D2E)
age: 48
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Sat, 08 Jul 2023 13:15:43 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 6287 286 B
443 B 247ms
247ms Image
image/svg+xml 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2F) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:42 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1206
x-amz-request-id: 6DZYPXVZF9T4F75M
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: eZTs22FN3k3M0KZ4MsI98NomTCp1WMVa1MbTP5rBmnJL0pfV3Rkmp0Kmti2COf2kDNSzzRoNGSg=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (nyb/1D2F)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 08 Jul 2023 14:05:42 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6287 36 KB
36 KB 322ms
171ms Font
font/woff2 192.229.163.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1E) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com/
Origin: https://7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:05:43 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (nyb/1D1E)
age: 64
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Sat, 08 Jul 2023 13:15:43 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
compass.adop.cc/	1970-01-20 13:07:34	Name: ADOP_P_U Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/	1970-01-20 15:16:37	Name: ADOP_CID Value: DE-230708130539-1307d0a23fe44dd8
.mbantul.my.id/	1970-01-20 13:07:01	Name: lotame_domain_check Value: mbantul.my.id
.criteo.com/	1970-01-20 22:28:37	Name: uid Value: 87a1e2bf-e376-4e94-a91a-038257fe90ed
.openx.net/	1970-01-20 21:52:37	Name: i Value: 53c94f86-c0a7-4e21-946b-b63608226aa3\|1688821539
.mbantul.my.id/	1970-01-20 22:28:37	Name: cto_bundle Value: b0zi318zV3lZeDFxNjRCblE3UjZrWkhxeVR4S1o5WWo0bGtoZ1klMkZza1FmN2d3Y01jMEY0VFRkaDV1bmlqak5sU0lqemM1WnBtcmV1dkh0WTV0VFpEeWJqOE05NzNJeW5jdU9HTG1SVUFMSXRqaTBCMGF4R1o0aGRjOUlkMCUyRk5EVW5aRGRqbEhvTFlqRU1kWUNNOGNzV1JTbmd3JTNEJTNE
.mbantul.my.id/	1970-01-20 22:28:37	Name: __gads Value: ID=f87b71d968528482:T=1688821539:RT=1688821539:S=ALNI_MaYjClfJkPI9XazNjrE8D3WuRRWoA
.mbantul.my.id/	1970-01-20 22:28:37	Name: __gpi Value: UID=00000c38abac9f8c:T=1688821539:RT=1688821539:S=ALNI_MYbNyRuD6UubIhR1CwECUNboPuf4w
.doubleclick.net/	1970-01-20 22:28:37	Name: IDE Value: AHWqTUmBJ2VDOgHW8eBxDStUYmRXzrOvrAUaPa851ID95MOc6hrBBN4YuPIJlmByvoA
.doubleclick.net/	1970-01-20 17:26:13	Name: APC Value: Aa3gxNpKnpM8cAe6azN6F9dfOt4eiMsN2VxTlaYsXXlpaQTQm1xbag
.casalemedia.com/	1970-01-20 21:52:37	Name: CMID Value: ZKlfJbk-iLKH2F5nVLb4RgAA
.casalemedia.com/	1970-01-20 15:16:37	Name: CMPS Value: 1214
.casalemedia.com/	1970-01-20 15:16:37	Name: CMPRO Value: 1214
.adnxs.com/	1970-01-20 15:16:37	Name: uuid2 Value: 810419860502610164
.adnxs.com/	1970-01-20 15:16:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ghe)n-!]tbPl1M>e)ZlrFUfJ+tGXxp)KFX>)<!cHt>p6.ySe'm/ISbriaaU]E=>+vY3If)y3KL9D3I?+]u*lM+
.blismedia.com/	1970-01-20 21:52:41	Name: b Value: 64A95F259C9ECE70D917F892BLIS
.simpli.fi/	1970-01-20 21:54:03	Name: suid Value: C36945FD60ED4BCC85DF5D4CC76E34CC
.everesttech.net/	1970-01-20 21:52:37	Name: everest_g_v2 Value: g_surferid~ZKlfJQANbCugTgAD
.pubmatic.com/	1970-01-20 13:08:27	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 21:52:37	Name: KADUSERCOOKIE Value: 5FCFBA1D-9E92-401A-BB76-354D4ACC2D7A
.w55c.net/	1970-01-20 22:38:42	Name: wfivefivec Value: zD1HUnrh1Qi7D75
.w55c.net/	1970-01-20 13:50:13	Name: matchgoogle Value: 5
.revjet.com/	1970-01-20 22:43:01	Name: trx Value: 5077623867101130263
.revjet.com/	1970-01-20 13:08:27	Name: ads Value: 979de7d8137f38fd6a23d0ab2dad428c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a56577e993229eae4b18af2b2053238.safeframe.googlesyndication.com
ad.doubleclick.net
ads.revjet.com
adservice.google.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revjet.com
cm.g.doubleclick.net
compass.adop.cc
data.adop.cc
dsum-sec.casalemedia.com
esp.rtbhouse.com
f3a6616f724f23d550eaacd2621c844e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
link.bicolink.net
link.deimoney.com
match.adsrvr.org
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pix.revjet.com
pm.w55c.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
sync-tm.everesttech.net
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
104.36.113.112
107.6.90.94
142.250.185.102
151.101.194.49
162.19.138.116
172.217.18.2
178.250.1.11
18.66.97.3
185.80.39.216
185.86.139.102
185.89.210.101
192.229.163.26
2406:da12:fbe:4200:8604:c7bd:e790:fec2
2600:9000:2250:8600:a:e047:753:be1
2606:4700:10::ac43:266a
2606:4700:20::681a:16d
2606:4700:20::681a:21b
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:4780:3:c141::17
2a04:4e42:600::485
34.102.146.192
34.120.135.53
34.96.105.8
34.96.70.87
35.161.135.248
35.190.39.111
35.204.74.118
35.244.159.8
35.71.131.137
52.52.46.51
65.9.66.68
72.251.234.22
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
0407c967f9b56d97e40232370eda7a905d27c980d1ddcfdf55c719bae9c3b444
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62
0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
15b18f906b7ca778339817ae6b31289687188a5cb4ca6904865544e48324686c
1b89348e896a3b64c79b0f13abc7c07991037fe7e49ec613342c69c7f856f6a3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf78d15a96143473950bbf96243ec0113754a1389709747101e24cc7f108e8d
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875
297f279516658fdb281b4f566dab3e78ea87a1af7667f4efc08c447214240b02
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3b77f198376837ddf26aed4ddc2df1b49732f92fe6cc3d546f6764b6c0d5beb9
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4243d4cac056c22addd90b984dfbb64f673c5b7a21ec6f962317785465f34734
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508443b6bcb778348686389c6bd25cf7fe1c6bbf34f89f758d705a2150291dc6
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
6411862ee2887391f85fee0fae9abe94db1b3c13a1ac2923cebe5514b2e30912
69a96aca6038f225c998327f9124227d8b6624f9003e90798fb92fe9a5a29673
6b6e60142056a80251c1cf0fa9204219d00fb3e8d981c643e69163c29c505a22
7488f77b5d8abc14769a44374621fa4306bbacaa4eb2a16042a4af3cbca3d680
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7ef95be91d86f9966514318f916f538a6a1673c935957d1c6d15615771fba2a0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
80157e620c3368503e0e3398c25e19b536418a23ab8ad0cbef723cc8a18ff83e
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8ce49ee6ee73f1ae54213878144d4e5ea677d7f9ffcf93c87b8018e8a286bd10
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fff4a9e4bdbdaddcdefd60315747dfdc9485ca3325a5bb3da5486c3b9df78d6
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904
9408479ab84423bf3f90fccfc6fef952318979e6079588e6e61d1c31a8a7072f
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9eec758a3dea05c2ef2973559b8a4850811fac2d7357488b02c616ce6c360f84
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1d95f36c52f56b2d4245402fe500aa821959f0e38e10ff9df0f0143f8d04522
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aec1a29738e6f71a2cbf5ff28c851ce376e42bb4973aae1634fb946fa3824a18
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
be1cad02e422428fc3923f2a1e4d959658f2cf44ccaa8aca9ecd3399b0d71dd6
be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c839215cc800cb891638b3eae0ac3d4aac02b61759562aa8a2a78a42b911ff62
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
ce6ca0d2a539e9ccce23f126c8f44d6f532fdb2ef911d364293720a1c3da2705
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d73c41339127fc7c07b24b52089d5aad8caf7addaaf284fc71347a86487cf49c
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dccd0ba234b19ebeea1829a621f9f73e1b0f27e07360e471a4f9ca6b20bf8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45
f4b637b013f0d972b825bbc098cbee14a9d8afcb8bd3fc1386850f8fa0af65fa
f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

mbantul.my.id Open in urlscan Pro 2606:4700:20::681a:16d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

93 %HTTPS

47 %IPv6

31 Domains

46 Subdomains

40 IPs

7 Countries

3667 kBTransfer

6844 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:16d Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

93 %
HTTPS

47 %
IPv6

31
Domains

46
Subdomains

40
IPs

7
Countries

3667 kB
Transfer

6844 kB
Size

24
Cookies

159 HTTP transactions
4 data transactions