urlscan.io logo urlscan.io
SecurityTrails logo

www.haibunda.com Open in urlscan Pro
104.18.1.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.haibunda.com/
Submission Tags: falconsandbox
Submission: On October 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 8 countries across 46 domains to perform 353 HTTP transactions. The main IP is 104.18.1.84, located in and belongs to CLOUDFLARENET, US. The main domain is www.haibunda.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 6th 2021. Valid for: a year.
This is the only time www.haibunda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.18.1.84 13335 (CLOUDFLAR...)
37 203.190.242.172 24211 (DETIK-AS-...)
9 103.49.221.172 24211 (DETIK-AS-...)
9 142.250.186.98 15169 (GOOGLE)
15 104.18.202.4 13335 (CLOUDFLAR...)
27 103.49.221.102 24211 (DETIK-AS-...)
1 142.250.185.195 15169 (GOOGLE)
1 104.16.89.20 13335 (CLOUDFLAR...)
1 104.16.94.65 13335 (CLOUDFLAR...)
1 14 3.122.214.165 16509 (AMAZON-02)
3 142.250.185.72 15169 (GOOGLE)
13 142.250.185.174 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
3 9 13.35.253.71 16509 (AMAZON-02)
10 27 142.250.181.226 15169 (GOOGLE)
2 2 76.223.111.131 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 46.228.164.13 56396 (AMOBEE)
2 4 185.94.180.125 35220 (SPOTX-AMS)
2 172.217.23.110 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
1 13.32.29.129 16509 (AMAZON-02)
1 13.35.253.107 16509 (AMAZON-02)
1 44.239.69.74 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
2 142.250.185.162 15169 (GOOGLE)
5 142.250.184.225 15169 (GOOGLE)
3 173.194.76.154 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
3 157.240.20.35 32934 (FACEBOOK)
4 142.250.185.228 15169 (GOOGLE)
9 142.250.185.226 15169 (GOOGLE)
39 142.250.186.66 15169 (GOOGLE)
22 142.250.185.97 15169 (GOOGLE)
7 142.250.186.130 15169 (GOOGLE)
7 203.190.242.244 24211 (DETIK-AS-...)
8 142.250.185.194 15169 (GOOGLE)
19 142.250.185.70 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
3 4 185.33.221.52 29990 (ASN-APPNEX)
1 143.204.209.31 16509 (AMAZON-02)
1 103.49.221.173 24211 (DETIK-AS-...)
10 203.190.242.102 24211 (DETIK-AS-...)
4 6 35.244.159.8 15169 (GOOGLE)
4 184.31.88.106 16625 (AKAMAI-AS)
1 2 34.249.16.8 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 1 35.227.252.103 15169 (GOOGLE)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 2 72.251.249.14 29791 (VOXEL-DOT...)
1 142.250.186.67 15169 (GOOGLE)
1 87.248.118.23 203220 (YAHOO-DEB)
1 142.250.186.134 15169 (GOOGLE)
3 13.32.29.2 16509 (AMAZON-02)
4 104.244.36.20 7415 (ADSAFE-1)
3 13.35.253.87 16509 (AMAZON-02)
1 213.19.147.44 26120 (RHYTHMONE)
2 2 54.247.138.82 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
1 51.89.21.5 16276 (OVH)
1 216.58.195.3 15169 (GOOGLE)
1 1 193.0.160.129 ()
1 72.251.249.9 ()
2 2 37.157.2.236 ()
1 64.158.223.137 ()
353 56
16    104.18.1.84 (None, )

ASN13335 (CLOUDFLARENET, US)
www.haibunda.com
37    203.190.242.172 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com
cdn.haibunda.com
cdnstatic.detik.com
9    103.49.221.172 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-172-221-49-103.detik.com
cdn.detik.net.id
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
15    104.18.202.4 (None, )

ASN13335 (CLOUDFLARENET, US)
static.vidy.com
api.vidy.com
27    103.49.221.102 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-102-221-49-103.detik.com
akcdn.detik.net.id
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
14    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
3    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
13    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
fundingchoicesmessages.google.com
analytics.google.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
9    13.35.253.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net
sb.scorecardresearch.com
ads.scorecardresearch.com
27    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net
www.google-analytics.com
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    13.32.29.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-129.fra56.r.cloudfront.net
certify-js.alexametrics.com
1    13.35.253.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-107.fra6.r.cloudfront.net
certify.alexametrics.com
1    44.239.69.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-69-74.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
adservice.google.de
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.com
5    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
3    173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.de
3    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
4    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
39    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
22    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
7    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
7    203.190.242.244 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-244-242.190.203.detik.com
newrevive.detik.com
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
19    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
s0.2mdn.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    143.204.209.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-31.fra53.r.cloudfront.net
choices.truste.com
1    103.49.221.173 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-173-221-49-103.detik.com
connect.detik.com
10    203.190.242.102 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com
images.detik.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
2    34.249.16.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-16-8.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
3    13.32.29.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-2.fra56.r.cloudfront.net
static.adsafeprotected.com
4    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
3    13.35.253.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-87.fra6.r.cloudfront.net
choices.trustarc.com
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    54.247.138.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-138-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    216.58.195.3 (Bluffdale, United States)

ASN15169 (GOOGLE, US)
PTR: atl14s64-in-f3.1e100.net
csi.gstatic.com
1    193.0.160.129 (None, )

ASN- ()
p.rfihub.com
1    72.251.249.9 (None, )

ASN- ()
ce.lijit.com
2    37.157.2.236 (None, )

ASN- ()
dmp.adform.net
1    64.158.223.137 (None, )

ASN- ()
eyeota-match.dotomi.com
Apex Domain
Subdomains		 Transfer
66 googlesyndication.com
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
386 KB
56 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
ad.doubleclick.net
309 KB
51 haibunda.com
www.haibunda.com
cdn.haibunda.com
963 KB
36 detik.net.id
cdn.detik.net.id
akcdn.detik.net.id
712 KB
20 detik.com
cdnstatic.detik.com
kayumanis.detik.com Failed
newrevive.detik.com
connect.detik.com
images.detik.com
194 KB
19 2mdn.net
s0.2mdn.net
639 KB
19 google.com
fundingchoicesmessages.google.com
adservice.google.com
analytics.google.com
www.google.com
68 KB
15 vidy.com
static.vidy.com
api.vidy.com
336 KB
14 eyeota.net
ps.eyeota.net
9 KB
9 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
96 KB
9 scorecardresearch.com
sb.scorecardresearch.com
ads.scorecardresearch.com
6 KB
7 openx.net
us-u.openx.net
rtb.openx.net
2 KB
7 googletagservices.com
www.googletagservices.com
206 KB
4 rubiconproject.com
pixel.rubiconproject.com
2 KB
4 teads.tv
sync.teads.tv
688 B
4 adnxs.com
ib.adnxs.com
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 google.de
adservice.google.de
www.google.de
2 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
3 trustarc.com
choices.trustarc.com
15 KB
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 facebook.com
www.facebook.com
660 B
3 googletagmanager.com
www.googletagmanager.com
130 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
116 KB
2 adform.net
dmp.adform.net
924 B
2 everesttech.net
sync-tm.everesttech.net
633 B
2 demdex.net
dpm.demdex.net
2 KB
2 de17a.com
d5p.de17a.com
726 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 facebook.net
connect.facebook.net
171 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 yahoo.com
cms.analytics.yahoo.com
ads.yahoo.com
1 KB
2 adsrvr.org
match.adsrvr.org
900 B
2 taboola.com
cdn.taboola.com
144 KB
1 dotomi.com
eyeota-match.dotomi.com
104 B
1 rfihub.com
p.rfihub.com
753 B
1 id5-sync.com
id5-sync.com
1 KB
1 1rx.io
sync.1rx.io
107 B
1 blismedia.com
tr.blismedia.com
142 B
1 truste.com
choices.truste.com
10 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 turn.com
d.turn.com
438 B
1 mathtag.com
sync.mathtag.com
628 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 jsdelivr.net
cdn.jsdelivr.net
11 KB
353 46
Domain Requested by
39 pagead2.googlesyndication.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
bid.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
ad.doubleclick.net
pagead2.googlesyndication.com
35 cdn.haibunda.com www.haibunda.com
cdn.haibunda.com
27 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
www.haibunda.com
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
27 akcdn.detik.net.id www.haibunda.com
22 tpc.googlesyndication.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
ad.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
19 s0.2mdn.net 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
www.haibunda.com
s0.2mdn.net
ad.doubleclick.net
16 www.haibunda.com www.haibunda.com
cdn.haibunda.com
static.cloudflareinsights.com
14 ps.eyeota.net 1 redirects www.haibunda.com
ps.eyeota.net
12 fundingchoicesmessages.google.com www.haibunda.com
10 images.detik.com www.haibunda.com
9 securepubads.g.doubleclick.net www.haibunda.com
securepubads.g.doubleclick.net
9 cdn.detik.net.id www.haibunda.com
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.haibunda.com
ad.doubleclick.net
8 googleads.g.doubleclick.net 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
www.haibunda.com
8 sb.scorecardresearch.com 3 redirects www.haibunda.com
8 static.vidy.com www.haibunda.com
static.vidy.com
7 api.vidy.com static.vidy.com
7 newrevive.detik.com www.haibunda.com
newrevive.detik.com
7 www.googletagservices.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
6 us-u.openx.net 4 redirects googleads.g.doubleclick.net
5 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 dt.adsafeprotected.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
4 pixel.rubiconproject.com 4 redirects
4 sync.teads.tv googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.com www.haibunda.com
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 sync.search.spotxchange.com 2 redirects www.haibunda.com
googleads.g.doubleclick.net
3 choices.trustarc.com choices.truste.com
www.haibunda.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
3 image6.pubmatic.com 3 redirects
3 www.facebook.com www.haibunda.com
3 www.googletagmanager.com www.haibunda.com
www.googletagmanager.com
2 dmp.adform.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dpm.demdex.net 2 redirects
2 ap.lijit.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pixel.adsafeprotected.com 1 redirects 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
2 www.google.de www.haibunda.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 connect.facebook.net www.haibunda.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 match.adsrvr.org 2 redirects
2 cdn.taboola.com www.haibunda.com
cdn.taboola.com
2 cdnstatic.detik.com www.haibunda.com
1 ads.scorecardresearch.com
1 eyeota-match.dotomi.com
1 ce.lijit.com
1 p.rfihub.com 1 redirects
1 csi.gstatic.com pagead2.googlesyndication.com
1 id5-sync.com
1 sync.1rx.io
1 ad.doubleclick.net www.googletagservices.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 fonts.gstatic.com static.vidy.com
1 rtb.openx.net 1 redirects
1 tr.blismedia.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
1 connect.detik.com cdn.detik.net.id
1 choices.truste.com 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
1 analytics.google.com www.googletagmanager.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.haibunda.com
1 certify.alexametrics.com www.haibunda.com
1 certify-js.alexametrics.com www.haibunda.com
1 d.turn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 static.cloudflareinsights.com www.haibunda.com
1 cdn.jsdelivr.net www.haibunda.com
1 www.gstatic.com www.haibunda.com
0 kayumanis.detik.com Failed cdn.detik.net.id
353 74
Subject Issuer Validity Valid
*.haibunda.com
Thawte RSA CA 2018		 2021-07-06 -
2022-07-29		 a year crt.sh
*.detik.net.id
Thawte RSA CA 2018		 2021-01-30 -
2022-02-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.detik.com
Thawte RSA CA 2018		 2020-11-14 -
2021-12-14		 a year crt.sh
vidy.com
Cloudflare Inc ECC CA-3		 2021-06-20 -
2022-06-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-24 -
2021-10-22		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 30 frames:

Primary Page: https://www.haibunda.com/
Frame ID: 37DFC16BCAE3A7FF9B6F092EB30BA874
Requests: 198 HTTP requests in this frame

Frame: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3AC0C52F78EE4458ED857C3633E6E10
Requests: 1 HTTP requests in this frame

Frame: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A34C7743A2CD2754D7269DEF84CBB866
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Frame ID: D4039242FA1719BB451564D7799E2DED
Requests: 5 HTTP requests in this frame

Frame: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28134F4CCC3738838B1D630102CC6574
Requests: 15 HTTP requests in this frame

Frame: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 73E9ACE6D3B7F6B31007AF3E765F4E33
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 78C498995BE1095589911A3338F54640
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Frame ID: 7C0182E64C8B5FA6C218EEFC6A4BACDC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Frame ID: 338BB2F0A86C260A4A3F2DA713CE08B1
Requests: 5 HTTP requests in this frame

Frame: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D45D13D9A4D9B8AEFCF417CC5BA1BFCD
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 369740B4F134FA062CAEE7F3E0DB498A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 249EE3ABD309802CE21551ED056E027D
Requests: 9 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Frame ID: 775F781B954DD38AF7550CE7EC77DA9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
Frame ID: FA167D49B06738C13F62C6953B27B7BE
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54AAA039F1A2E046763779F6798B16B8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Frame ID: 7C4FDB574407670B2C596CFB0136FEA2
Requests: 10 HTTP requests in this frame

Frame: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Frame ID: F9398CCE5A9BD83CF5FFB85A9A773CBF
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/10774078/1632247291206/index.html
Frame ID: AD49D546B737D388B357B6DBC368841D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA345E6C93A19E5E2A6CB023D799D975
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87AED16F71C91403C5C0D3F71E6AEB96
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B8BF4B10D8C2281A1C2AFB8C2FCE5B6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F60AE44E71957FF71CF7E97E67E8D27
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Frame ID: 3FC75A36D69ABCDDD1A55F7B38B15ADE
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 591D3391E77A0A9DB7A8D337433063C0
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F1414AC720598965CF175957C135A164
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: B6839DFD3C83D8535DACC38E43423DEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0768922BA251F08E64413EE1038F1FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: 9BD0B528B119667B04209593BB0DAFF8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A278928B321C5A5A376FFE3D27D8DAB2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 393E29C43C188897B9D5A9F001E58FFB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Informasi Terkini Kehamilan, Parenting, dan Mom Life - Haibunda.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

353
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

74
Subdomains

56
IPs

8
Countries

4555 kB
Transfer

10682 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Request Chain 42
  • https://sb.scorecardresearch.com/cs/8443234/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 50
  • https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Request Chain 51
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjM5QjJWV2lxWS14YTNNYjlReUI0U0VSWUp4Q01jOFJRNWQwRFVNQWJOcms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjM5QjJWV2lxWS14YTNNYjlReUI0U0VSWUp4Q01jOFJRNWQwRFVNQWJOcms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKoKrujny3ei20oO-ao_ziQ&google_cver=1
Request Chain 53
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=9d958f07-ad96-4b23-b55e-5b5921b4530a&bid=1e2n4ou
Request Chain 54
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=aa736167-bba3-4400-a338-84efce50bcd1&referrer_pid=mli4m40
Request Chain 55
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-_mCF2CdE2pUs63KeShFQO3wPYZBsgOBKpyc-~A
Request Chain 56
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3921684288155743935&newuser=1&referrer_pid=mli4m40
Request Chain 59
  • https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=f8688d80-2cac-11ec-8fb6-1ee5b9e10406
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
Request Chain 115
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWe7pFB505cfGknj8uCgeQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Vls9KeAtypt7EwmDXnRI&google_cver=1
Request Chain 117
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxODgzNTY4OTE1NjczMzQ5Mg%3D%3D
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
Request Chain 169
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
Request Chain 173
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
Request Chain 210
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDojz4xuEAMGBdWrJmW0x7s&google_cver=1&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDojz4xuEAMGBdWrJmW0x7s&google_cver=1&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw
Request Chain 211
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGS93ZreOH88Quik3N2hKCc&google_cver=1&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA&google_hm=D2ekCDJCytMfvR4h5NgywA==
Request Chain 212
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEISqMoK-oeRbBe4GSnOKmk4&google_cver=1&google_push=AYg5qPLzN5_xNkdBUNAwoT2Rqw094I2e2IGZK-NvneX3gAj9sB2EYcP9A_40OPwtRxrK1oY01zrrqwPGKjMbm0f5XDVdMSTnpxHwCg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEISqMoK-oeRbBe4GSnOKmk4&google_cver=1&google_push=AYg5qPLzN5_xNkdBUNAwoT2Rqw094I2e2IGZK-NvneX3gAj9sB2EYcP9A_40OPwtRxrK1oY01zrrqwPGKjMbm0f5XDVdMSTnpxHwCg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzN5_xNkdBUNAwoT2Rqw094I2e2IGZK-NvneX3gAj9sB2EYcP9A_40OPwtRxrK1oY01zrrqwPGKjMbm0f5XDVdMSTnpxHwCg
Request Chain 213
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2siqgbvEwnIWoNwMvJZBdnsi2IvIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKNlYtSy04TE0z&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2siqgbvEwnIWoNwMvJZBdnsi2IvIQ
Request Chain 214
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1
Request Chain 215
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC_OqLvF24zZgAR0qUZMs54&google_cver=1&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC_OqLvF24zZgAR0qUZMs54&google_cver=1&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w&google_hm=3abf4206829fcdf9d480e5c1
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC1_93RFsj_X2CRNbmvS4TE&google_cver=1
Request Chain 235
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Zjg2ODhkNDktMmNhYy0xMWVjLThmYjYtMWVlNWI5ZTEwNDA2
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGIzz9Wkk3qo8tWmr1VzFGKrnSnp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKUkotMi03R0pO&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGIzz9Wkk3qo8tWmr1VzFGKrnSnp
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqaCSIFzckoDBPMu8IFSkWR5FsuZwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKVVotMUstM1BWRQ==&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqaCSIFzckoDBPMu8IFSkWR5FsuZwg
Request Chain 300
  • https://pixel.adsafeprotected.com/rfw/st/787359/56365162/skeleton.js?adsafe_url=https%3A%2F%2Fwww.haibunda.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1d050119-b022-306c-21fb-78cfe712f062,c:qZym8Z,sl:na,em:true,fr:false,thd:1,mn:app04ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:255,fm:sLMX8Dk+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C164%7C171%7C1721%7C173%7C174%7C18*.787359-56365162%7C181%7C182%7C183%7C184%7C19%7C1a,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:280,oid:f940729f-2cac-11ec-a206-061b2abdf756,v:19.8.248,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 312
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEISqMoK-oeRbBe4GSnOKmk4&google_cver=1&google_push=AYg5qPKuzLgcEWvvwatXaanx-911lTgJvK0Y1irK_DM4-apzw8q-85nPAft48rl9Jh7BAm1PYozjCMg2xqH1MTJpxFLCsB391bgGHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuzLgcEWvvwatXaanx-911lTgJvK0Y1irK_DM4-apzw8q-85nPAft48rl9Jh7BAm1PYozjCMg2xqH1MTJpxFLCsB391bgGHA
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC3eBCdxPo6uMKYl724gIY4aVRqmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdLMlQtQS1JNEFJ&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC3eBCdxPo6uMKYl724gIY4aVRqmg
Request Chain 344
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c7d34f5d2-3b700000010f4cbc&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17c7d34f5d2-3b700000010f4cbc&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40 HTTP 302
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=84845405550385095110125245531547188001&referrer_pid=mli4m40
Request Chain 345
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40&_test=YWe7qAAI7FA6DAAR HTTP 302
  • https://ps.eyeota.net/match?uid=YWe7qAAI7FA6DAAR&bid=0rijhbu&referrer_pid=mli4m40&_test=YWe7qAAI7FA6DAAR
Request Chain 347
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40 HTTP 302
  • https://ps.eyeota.net/match?uid=5318835689156733492&bid=2cr76e1&referrer_pid=mli4m40
Request Chain 351
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5108559721294392773&bid=omt9pi0
Request Chain 353
  • https://dmp.adform.net/serving/cookie/match/?party=1009 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1009 HTTP 302
  • https://ps.eyeota.net/match?uid=1261105975588933098&bid=9gdtmu1

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.haibunda.com/ 		54 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4847ba103f5eb7d917279c5836d06f7b27809e35a1db90a51726e5652ba5047a
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

:method
GET
:authority
www.haibunda.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Oct 2021 05:09:54 GMT
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
x-xss-protection
'1;mode=block'
strict-transport-security
"max-age=31536000; includeSubDomains" always
s
fe-publish4
x-cached
EXPIRED
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69de4c542ac3fadc-DUS
content-encoding
gzip
haibunda.wp.style.css
cdn.haibunda.com/css/ 		216 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 09:36:56 GMT
server
static6
cache-status
HIT
etag
W/"607414b8-35fa2"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
haibunda.cb.css
cdn.haibunda.com/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 03:14:56 GMT
server
static6
cache-status
HIT
etag
W/"61109db0-3396"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
cdn.detik.net.id/libs/detik-vertical/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Jun 2021 07:01:24 GMT
server
static3
cache-status
HIT
etag
W/"60bdc444-15d9d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtmdl.js
cdn.detik.net.id/libs/detik-vertical/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/detik-vertical/js/gtmdl.js?v=haibunda.3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:26 GMT
server
static3
cache-status
HIT
etag
W/"5db2a88e-e65"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detik.ads.css
cdn.detik.net.id/commerce/desktop/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/commerce/desktop/css/detik.ads.css
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 03:46:21 GMT
server
static3
cache-status
HIT
etag
W/"5ddf430d-255c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
dtk_commerce.js
cdn.detik.net.id/commerce/commerce/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/commerce/commerce/dtk_commerce.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
519f36dfb169cf61d16bab3b2e62107657910c4daa039cc3692d7b9e6a9c4a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Nov 2020 04:20:38 GMT
server
static3
cache-status
HIT
etag
W/"5fbf2d16-919"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
7da1fcac471eef864205c27bfb83a14bbe292ba6aa29bb87fc095ecdccff9bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1015 / 258 of 1000 / last-modified: 1634162835"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27151
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Oct 2021 05:09:55 GMT
portal.dc.js
cdn.detik.net.id/libs/js-itportal/ 		1010 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/js-itportal/portal.dc.js?v=1.0
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Mar 2020 10:11:15 GMT
server
static3
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
cache-control
max-age=315360000
barrier_3
HIT
etag
W/"5e5f7ec3-3f2"
expires
Thu, 31 Dec 2037 23:55:55 GMT
eyeotadtk.js
cdnstatic.detik.com/live/js/ 		312 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.detik.com/live/js/eyeotadtk.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:54 GMT
content-encoding
gzip
last-modified
Thu, 17 May 2018 07:29:06 GMT
server
static6
barrier_2
MISS
cache-status
HIT
etag
W/"5afd2f42-138"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
middle-cache
MISS
barrier_1
Static
barrier_3
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.min.js
static.vidy.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/embed.min.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1632151585
age
2074
x-guploader-uploadid
ADPycduucp1E7RaHqI00UwArDe8EfcmSwzdrsFkFYgo4HS71F6jevOr9EHHE9aSkC9nhqPBTW0tiZow7JQ3494_d-IY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 15:27:31 GMT
server
cloudflare
etag
W/"b145d7539e78b5b1784435a21008f41b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=6c3BQg==, md5=sUXXU554tbF4RDWiEAj0Gw==
x-goog-generation
1632151650900589
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Type, *
cache-control
public,s-maxage=14400,max-age=1800
x-goog-stored-content-length
4803
cf-ray
69de4c561d3a21b7-DUS
expires
Thu, 14 Oct 2021 07:33:57 GMT
972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 04:44:40 GMT
server
static14
cache-status
HIT
etag
W/"5d3690b8-211e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
expires
Thu, 31 Dec 2037 23:55:55 GMT
login_loader.gif
cdn.haibunda.com/images/ 		77 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/login_loader.gif?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Apr 2020 09:23:47 GMT
server
static6
cache-status
HIT
etag
W/"5ea947a3-13516"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
search-icon.png
cdn.haibunda.com/images/ 		525 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/search-icon.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-20d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
fb-icon.png
cdn.haibunda.com/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/fb-icon.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-3a3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-icon.png
cdn.haibunda.com/images/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/twitter-icon.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-3ee"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
instagram-icon.png
cdn.haibunda.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/instagram-icon.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-a20"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
close.png
cdn.haibunda.com/images/ 		225 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/close.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-e1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
accept-ranges
bytes
content-length
225
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
cdn.haibunda.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/logo.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-2f8e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
pushnotif.css
cdn.haibunda.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/css/pushnotif.css?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-858"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ico_haibunda.png
cdn.haibunda.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/ico_haibunda.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-8d2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
pushnotif.js
cdn.haibunda.com/js/ 		2 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/js/pushnotif.js?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Jun 2021 07:05:50 GMT
server
static6
cache-status
HIT
etag
W/"60dac64e-717"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer_logo_haibunda.png
cdn.haibunda.com/images/ 		13 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/footer_logo_haibunda.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-3311"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer_logo2.png
cdn.haibunda.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/footer_logo2.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-1a35"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
foot_fb.png
cdn.haibunda.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/foot_fb.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-89e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
foot_tw.png
cdn.haibunda.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/foot_tw.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-b87"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
foot_ig.png
cdn.haibunda.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/foot_ig.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-1933"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
foot_yt.png
cdn.haibunda.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/foot_yt.png?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Sep 2020 07:02:40 GMT
server
static6
cache-status
HIT
etag
W/"5f55db10-b21"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
haibunda-wp-js.min.js
cdn.haibunda.com/js/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/js/haibunda-wp-js.min.js?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Jun 2021 07:05:50 GMT
server
static6
cache-status
HIT
etag
W/"60dac64e-1d755"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
imgLiquid-min.js
cdn.haibunda.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/js/imgLiquid-min.js?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-13f7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase.js
www.gstatic.com/firebasejs/3.6.6/ 		294 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/3.6.6/firebase.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 04:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98890
x-xss-protection
0
last-modified
Wed, 18 Jan 2017 00:39:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Oct 2022 04:23:19 GMT
firebase.js
cdn.haibunda.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/js/firebase.js?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2019 05:11:48 GMT
server
static6
cache-status
HIT
etag
W/"5df1cc14-14d6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detik-vertical.js
cdn.haibunda.com/js/ 		1 MB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
e857e1d16831ed7b4062e04ed3b0fe4a4fc19fd08247262f9606af84d427d404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Aug 2021 03:06:45 GMT
server
static6
cache-status
HIT
etag
W/"612856c5-10a778"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
refresh.js
cdn.detik.net.id/libs/detik-vertical/js/ 		1 KB
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/detik-vertical/js/refresh.js?v=haibunda.3.4.3
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:26 GMT
server
static3
cache-status
HIT
etag
W/"5db2a88e-430"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikLiveUserCounterResponse.js
cdn.detik.net.id/libs/livecounter/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=343af093
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Jul 2021 08:01:26 GMT
server
static3
cache-status
HIT
etag
W/"60f7d456-921a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2985916
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19149-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69de4c5c6e2c2151-DUS
callback-revive.js
cdnstatic.detik.com/live/_rmbassets/ 		168 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.detik.com/live/_rmbassets/callback-revive.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
last-modified
Wed, 28 Apr 2021 07:59:13 GMT
server
static6
barrier_2
HIT
cache-status
HIT
etag
"608915d1-a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
middle-cache
HIT
accept-ranges
bytes
barrier_1
Static
barrier_3
HIT
content-length
168
expires
Thu, 31 Dec 2037 23:55:55 GMT
connectdetik
www.haibunda.com/ 		262 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/connectdetik?fn=onLoginClient
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

:path
/connectdetik?fn=onLoginClient
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-cached
EXPIRED
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/javascript
s
fe-publish3
cf-ray
69de4c5c4ab7fadc-DUS
x-xss-protection
'1;mode=block'
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
69de4c5c7aaec4db-DUS
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
  • https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
96599bd39102b2ec5a0c7a166a560e76000b104c855d23d8859dc14b253c2f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
application/javascript
Content-Length
1210
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
gtm.js
www.googletagmanager.com/ 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f910f1c8bd60acf750e371ec208651b3096064c2bab465b1fc4fae27072d71dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32804
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 05:09:55 GMT
AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=
fundingchoicesmessages.google.com/f/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
4df8a16f99fb02290855b373aff0add9ea8bed5b2a19c005e823df0b98c0e7f0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-E9rz8E3cLsosPxLJhr+86g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E9rz8E3cLsosPxLJhr+86g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-E9rz8E3cLsosPxLJhr+86g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E9rz8E3cLsosPxLJhr+86g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/detik-haibunda/ 		145 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a57b6024ed8047c77fabdfd4ade936b8ecfb56b673b4d016a155e8340fce65e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zOVm1VOWJ_8jt2enKX6QdYvYtUdW8deo
content-encoding
gzip
etag
"a1fb1f408d2078d60798ff06f1cf41a4"
age
12877
x-cache
HIT
content-length
23548
x-amz-id-2
oAe/0SKaRsEwWbH1kConkk/RGZt61M74vZmEYC3GpmuJYtUMRsXRg2U2GZiFZxrOiLoDuMuMB4I=
x-served-by
cache-hhn4034-HHN
last-modified
Wed, 13 Oct 2021 09:11:11 GMT
server
AmazonS3
x-timer
S1634188195.262113,VS0,VE0
date
Thu, 14 Oct 2021 05:09:55 GMT
vary
Accept-Encoding
x-amz-request-id
4DY02V0AF20NMMB8
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
4
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/8443234/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:40:34 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1921
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
PbOdPHPsVFFlvAxibwGSzmMeMzZETQJHBaX7xLb1S21zXjoshTe8-g==

Redirect headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-cs/default/beacon.js
content-length
52
x-amz-cf-id
NtA-jNj7AbbQh0Sfb3Ry2G3WQlWh423mUrAO-iQwl7KMtHIKdOW_Ew==
gtm.js
www.googletagmanager.com/ 		152 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
77cff592ac027370de6581af2f41b94988d35b9453b8a8d3b738948d8f21eeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49919
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 05:09:55 GMT
opensans-semibold.ttf
cdn.haibunda.com/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/opensans-semibold.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-822c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
accept-ranges
bytes
content-length
33324
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-new.png
cdn.haibunda.com/images/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/icon-new.png
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Feb 2020 07:18:08 GMT
server
static6
cache-status
HIT
etag
W/"5e576d30-34e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
montserrat-regular.ttf
cdn.haibunda.com/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/montserrat-regular.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-ade4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
accept-ranges
bytes
content-length
44516
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
search-btn.png
cdn.haibunda.com/images/ 		764 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/search-btn.png
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-2fc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
montserrat-light.ttf
cdn.haibunda.com/fonts/ 		188 KB
188 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/montserrat-light.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-2ee74"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
accept-ranges
bytes
content-length
192116
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
impl.20211013-3-RELEASE.js
cdn.taboola.com/libtrc/ 		593 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211013-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
04dbad6e437e7cbe82519a875b4e909246fb0fc328fd67582279ac675ac0f3e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
0WMKUF_uGRpqd_wk18gO2o7yfqVQtipk
content-encoding
br
etag
"01947e42a61eadc9e452cc63e6eb1f5f"
age
16269
x-cache
HIT
content-length
123397
x-amz-id-2
p4uXKz83hyKbTEKtoTQSeGB9/V8ScS/Qxd1U4MoOUy7esDzhSFYnKKSj2k1JLQwsTEbByg4h1sY=
x-served-by
cache-hhn4034-HHN
last-modified
Wed, 13 Oct 2021 08:35:58 GMT
server
AmazonS3-br
x-timer
S1634188195.296984,VS0,VE0
date
Thu, 14 Oct 2021 05:09:55 GMT
vary
Accept-Encoding
x-amz-request-id
HABSQNH51PHCPYG1
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
51
x-cache-hits
4369
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
HRkSooU3Ld_i5l_acDX7zs7E-kWhWM4R3ZhgzPytdtUn8rRkOt1G0A==

Redirect headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195212&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length
261
x-amz-cf-id
hi-Sufwhg9NEciricXZCzt7odsQCAKo2g70JAY41UB6rL0TjLcee-Q==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenti...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parent...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
gI7TePrm3LXsaoCPe5RUSL9DKUUWGwrw_GIBDvSLf7SnBi5VUPNDdg==

Redirect headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1634188195213&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length
267
x-amz-cf-id
2VphZQ5jvRGJMos_qDTjw3837vjtdgHzqLABvUzSXal8Og5CXZ0Cbw==
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjM5QjJWV2lxWS14YTNNYjlReUI0U0VSWUp4Q01jOFJRNWQwRFVNQWJOcms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjM5QjJWV2lxWS14YTNNYjlReUI0U0VSWUp4Q01jOFJRNWQwRFVNQWJOcms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKoKrujny3ei20oO-ao_ziQ&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKoKrujny3ei20oO-ao_ziQ&google_cver=1
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKoKrujny3ei20oO-ao_ziQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=9d958f07-ad96-4b23-b55e-5b5921b4530a&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=9d958f07-ad96-4b23-b55e-5b5921b4530a&bid=1e2n4ou
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=9d958f07-ad96-4b23-b55e-5b5921b4530a&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=aa736167-bba3-4400-a338-84efce50bcd1&referrer_pid=mli4m40
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=7vi0rg0&uid=aa736167-bba3-4400-a338-84efce50bcd1&referrer_pid=mli4m40
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ps.eyeota.net/match?bid=7vi0rg0&uid=aa736167-bba3-4400-a338-84efce50bcd1&referrer_pid=mli4m40
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 14 Oct 2021 05:09:54 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-_mCF2CdE2pUs63KeShFQO3wPYZBsgOBKpyc-~A
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-_mCF2CdE2pUs63KeShFQO3wPYZBsgOBKpyc-~A
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Thu, 14 Oct 2021 05:09:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-_mCF2CdE2pUs63KeShFQO3wPYZBsgOBKpyc-~A
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
match
ps.eyeota.net/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3921684288155743935&newuser=1&referrer_pid=mli4m40
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3921684288155743935&newuser=1&referrer_pid=mli4m40
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3921684288155743935&newuser=1&referrer_pid=mli4m40
pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
AGSKWxU51Pia0_m-9vBT4Wpj9G59NplVQzp-YC2R7YnXW3Cr429hPAMJQNh5tJmzjy-p-ZqPv9jQ_1KEN7FdU21MX5w=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU51Pia0_m-9vBT4Wpj9G59NplVQzp-YC2R7YnXW3Cr429hPAMJQNh5tJmzjy-p-ZqPv9jQ_1KEN7FdU21MX5w=?pvid=3D750AB0-33E5-4713-963A-3C1F46E4A15F&anonid=11541263-435D-427D-85FF-7753DA5A4901
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rsWJN-cqKQQ.es5.O/d=1/rs=AJlcJMwb3Q7YG5Bn-gqw5G9lSBM7A6b_bw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V4pRsiBAPapivnNDUbHAVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-V4pRsiBAPapivnNDUbHAVA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V4pRsiBAPapivnNDUbHAVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-V4pRsiBAPapivnNDUbHAVA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVsRKJ6RKwz_LxDegS3eZTE1tOzOzhV-chOxa0r6WbDN2w3lTT0y5L9Jyl5fB-2RGFwmZGMH4-zlolK4MaZ8hg=
fundingchoicesmessages.google.com/f/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVsRKJ6RKwz_LxDegS3eZTE1tOzOzhV-chOxa0r6WbDN2w3lTT0y5L9Jyl5fB-2RGFwmZGMH4-zlolK4MaZ8hg=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MTg4MTk1LDMzNTAwMDAwMF0sIjNENzUwQUIwLTMzRTUtNDcxMy05NjNBLTNDMUY0NkU0QTE1RiIsIjExNTQxMjYzLTQzNUQtNDI3RC04NUZGLTc3NTNEQTVBNDkwMSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rsWJN-cqKQQ.es5.O/d=1/rs=AJlcJMwb3Q7YG5Bn-gqw5G9lSBM7A6b_bw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e0882f7de221cc2984512973b7e465149c3603a242cd635a22a7bd88ec94fb16
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rZpYMjlSQDQ9emAnP7UeuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rZpYMjlSQDQ9emAnP7UeuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rZpYMjlSQDQ9emAnP7UeuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rZpYMjlSQDQ9emAnP7UeuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=f8688d80-2cac-11ec-8fb6-1ee5b9e10406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=f8688d80-2cac-11ec-8fb6-1ee5b9e10406
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 14 Oct 2021 05:09:55 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 14 Oct 2021 05:09:55 GMT
Server
nginx
Location
/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=f8688d80-2cac-11ec-8fb6-1ee5b9e10406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
0
pubads_impl_2021100701.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126551
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Oct 2021 05:09:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		398 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haibunda.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176
x-xss-protection
0
expires
Thu, 14 Oct 2021 05:09:55 GMT
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d9199b794a988969d37ae713e7a0cb5836b835c6f1ebb81df8bd2ccdfbbc128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49524
x-xss-protection
0
expires
Thu, 14 Oct 2021 05:09:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1378
date
Thu, 14 Oct 2021 04:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 06:46:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25966
x-xss-protection
0
pragma
public
x-fb-debug
n89P5KG53Q8LpTPZ0lzRr9Y56m/Q5ENQ4x4ZV73Srr6OamN3Xb05ZA9a791LV+MDckcftfu1C09rdUkgWVFtTg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 14 Oct 2021 05:09:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
14641349
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 421d6f0c8b018cdf0b78f7d15df10d0c.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
3s8dHkkakY0Ic7vq9TZv8ArvtXJ3z_KKfqsqjURGHvdbhjXr0luFWw==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 02:23:48 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
9985
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
1oAqkmOTJtikqoLQcC2PxBCAHMDlXjCVo0W2UPF4yzpaPqbtGgGX2A==
b
sb.scorecardresearch.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1634188195453&ns_c=UTF-8&cv=3.5&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c7=https%3A%2F%2Fwww.haibunda.com%2F&c9=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
jfOyrpokCRcLMdV12TrlP2e_vp04Xncq88ir3YBMrPXNBNhL7C1ZVg==
x-cache
Miss from cloudfront
304159643041671
connect.facebook.net/signals/config/ 		492 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/304159643041671?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
aa1a2ccc694d4b92241fba3d2e041394933d9c70e6236181b5e35ef1043aeeb0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147806
x-xss-protection
0
pragma
public
x-fb-debug
vq/HKejQL2XPXqct8e8ff2wkqe6J1b4fY58mA8RgtSANjtoNET2TW8rW6NqpF/WWEh78qZHKTFmEnmnSM0QeyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Oct 2021 05:09:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&time=1634188195502&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.haibunda.com%2F&random_number=18441427221&sess_cookie=66b4e10b17c7d34f6ab6890d862&sess_cookie_flag=1&user_cookie=66b4e10b17c7d34f6ab6890d862&user_cookie_flag=1&dynamic=true&domain=haibunda.com&account=iSYNs1rcy520uW&jsv=20130128&user_lang=en-US
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-107.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:06:47 GMT
Via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
188
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA6-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
Ypv4DC5krcqyZ_4AB2oOtmC5xeUoyto1YhqV9hLjqUWvfAVa3Lij1A==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.69.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-69-74.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
server
Server
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=870493493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&ul=en-us&de=UTF-8&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=366876621&gjid=1074345932&cid=1803330638.1634188196&tid=UA-891770-244&_gid=1110583574.1634188196&_r=1&gtm=2wgab0WGBMBG8&cd1=47&cd6=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&cd16=wp&cd17=desktop&cd19=1.567&cd48=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&z=18852380
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU51Pia0_m-9vBT4Wpj9G59NplVQzp-YC2R7YnXW3Cr429hPAMJQNh5tJmzjy-p-ZqPv9jQ_1KEN7FdU21MX5w=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU51Pia0_m-9vBT4Wpj9G59NplVQzp-YC2R7YnXW3Cr429hPAMJQNh5tJmzjy-p-ZqPv9jQ_1KEN7FdU21MX5w=?pvid=3D750AB0-33E5-4713-963A-3C1F46E4A15F&anonid=11541263-435D-427D-85FF-7753DA5A4901
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rsWJN-cqKQQ.es5.O/d=1/rs=AJlcJMwb3Q7YG5Bn-gqw5G9lSBM7A6b_bw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3LFlWVoahfqCTsu39BtChw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3LFlWVoahfqCTsu39BtChw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3LFlWVoahfqCTsu39BtChw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3LFlWVoahfqCTsu39BtChw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		440 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=2343961233258178&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cballon_ads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634188195&dt=1634188195583&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3381077581&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2110&msz=1600x0&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9d9aaffbd2cfb2e92028bd7708f759d9a89d26133b85d68db2676366670765de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=2343961233258178&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cbottomframe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634188195&dt=1634188195592&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=528661791&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ed335d00f40004ed4c60d31939670a02e27ada8a49df0b5c683859339b2ee1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7904
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=2343961233258178&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=pos%3Dbillboard&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634188195&dt=1634188195596&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=221&adks=3438090239&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9a878fe7ce38e605ae9f4f5f5f9793387031316d7cbea9d4f329a2c1bce1b24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9041
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=2343961233258178&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634188195&dt=1634188195599&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=675&adks=2630211830&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0c5c2c5ceb7fadc463aeeeb7a57d23f13befce6c982b9d573281a94ba5391ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10161
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=2343961233258178&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634188195&dt=1634188195605&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=960&adks=2451876870&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f88099ba509ed744afae8a295837192554f15a979d242baaf6ec574823e023b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9108
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3AC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 14 Oct 2021 05:09:55 GMT
expires
Fri, 14 Oct 2022 05:09:55 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		4 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-891770-244&cid=1803330638.1634188196&jid=366876621&gjid=1074345932&_gid=1110583574.1634188196&_u=YEBAAUAAAAAAAC~&z=2009455683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Oct 2021 05:09:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
165 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LW7SH9Y4G8&gtm=2oeab0&_p=870493493&sr=1600x1200&_gaz=1&ul=en-us&cid=1803330638.1634188196&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sid=1634188195&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LW7SH9Y4G8&cid=1803330638.1634188196&gtm=2oeab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LW7SH9Y4G8&cid=1803330638.1634188196&gtm=2oeab0&aip=1&z=1699720984
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634188195689&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634188195688.2120743811&it=1634188195467&coo=false&exp=p0&rqm=GET
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Oct 2021 05:09:55 GMT
/
www.facebook.com/tr/ 		44 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634188195694&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634188195688.2120743811&it=1634188195467&coo=false&exp=p0&rqm=GET
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Oct 2021 05:09:55 GMT
/
kayumanis.detik.com/api/validation/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-891770-244&cid=1803330638.1634188196&jid=366876621&_u=YEBAAUAAAAAAAC~&z=2054848410
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-891770-244&cid=1803330638.1634188196&jid=366876621&_u=YEBAAUAAAAAAAC~&z=2054848410
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A34C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 14 Oct 2021 05:09:55 GMT
expires
Fri, 14 Oct 2022 05:09:55 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame D403 		624 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 05:09:56 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A34C 		53 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6564ff8dd8458bbfac2b6cba30d04e3edc702faa2a69bd402d15576e31b160ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A34C 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqPQlSfMzcqMFTIDcMDN8SEmS_m7syAAs4md0oekzeTlw3t-p_GYDfiEuzuUwWD5uouPRm38eV8BcpBXgYh8gZ6D-dWsC3WfoZZOXR6-E8_wB9lYg
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame A34C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:09:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame A34C 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:50:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A34C 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:09:56 GMT
api
www.haibunda.com/ 		42 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4bf07d6d4bf8faeda179ee61aac72edce4aaf39c688a3e24aba0df52dd851df
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
beritautama%2F47
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
11
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
beritautama%2F47
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish4
cf-ray
69de4c61884cfadc-DUS
x-xss-protection
'1;mode=block'
api
www.haibunda.com/ 		56 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f66b0a888ddd15b3125ff82c043a8d503aff0ee0452b410cb034e2f8e59f03
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
search
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
34
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
search
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish3
cf-ray
69de4c61985afadc-DUS
x-xss-protection
'1;mode=block'
api
www.haibunda.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c5c8b3ad3d42a16f7d354e09c0f497c8c9cdd25aff3ad0c8c61abb4180fe7c
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
author%2Fkolom
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
28
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
author%2Fkolom
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish2
cf-ray
69de4c61985cfadc-DUS
x-xss-protection
'1;mode=block'
api
www.haibunda.com/ 		958 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
tags%2F47
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
2
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
tags%2F47
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish1
cf-ray
69de4c619866fadc-DUS
x-xss-protection
'1;mode=block'
api
www.haibunda.com/ 		68 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd5a93f153bb1df6cd878a66bc4a5c222dd1d13adf3898ff88b06ef2ba72b9
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
mostpop%2F47
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
11
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
mostpop%2F47
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish1
cf-ray
69de4c61a871fadc-DUS
x-xss-protection
'1;mode=block'
api
www.haibunda.com/ 		251 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e62384c9295d26c070cd4f6e326fbd2a3d4bb46f733bc30ad6c5692f03575a
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
nonheadline%2F47
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=0063de51c83a8286:T=1634188195:S=ALNI_MarnvyhV9J93Kh3w-83FvIa50b0Dw
content-length
21
:path
/api
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
nonheadline%2F47
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish3
cf-ray
69de4c61b88ffadc-DUS
x-xss-protection
'1;mode=block'
right-arrow.png
cdn.haibunda.com/images/ 		504 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/right-arrow.png
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
W/"5db2a88f-1f8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
asyncjs.php
newrevive.detik.com/delivery/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncjs.php
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
revive4
p3p
CP="CUR ADM OUR NOR STA NID"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1;mode=block
expire
Thu, 14 Oct 2021 06:09:56 GMT
x-cached
MISS
detikconnect_auto_login.js
cdn.detik.net.id/libs/dc/v1/ 		993 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/connectdetik?fn=onLoginClient
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Oct 2021 03:30:43 GMT
server
static3
cache-status
HIT
etag
W/"6167a463-3e1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2813 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 14 Oct 2021 05:09:55 GMT
expires
Fri, 14 Oct 2022 05:09:55 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
thetracker-haibunda-v3.min.js
cdn.detik.net.id/loganalysistracker/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-172-221-49-103.detik.com
Software
static3 /
Resource Hash
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Feb 2021 02:34:34 GMT
server
static3
cache-status
HIT
etag
W/"6018ba3a-185f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 73E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 14 Oct 2021 05:09:55 GMT
expires
Fri, 14 Oct 2022 05:09:55 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame A34C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:07:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame A34C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:56:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A34C 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJW-kAO5bOdfbWWDOqAaMdlxjsNPQTFsVjQPlDzDTUhcM_6NlzjBlUcYy0u_odzYwkn1Ww2ALQn3Xh1j8fnJB-4xMl0Z7Ww_Ovyxnr7N0rp_wKaSjg7_TF4lCnuvjSYW8LTg_nn91k4VnUVqp0OOYv_0EgusCMvFpTuI3ldQN8nodaldnJ5R0hBiW-FTfv7SaKFpSUJIlJ259F53G6jk46tp5kn9kkX4cpoFaGvaRUMVTjTuRwjIKCjxN9moOIUZTMhZCvGCipUU0JW_qcyfAYrasdzAoW50NgKvucZpLuTjlxPw81AvuycdVqCrqSV411tNxWlz9TxkK1NpVdSCPZef1mHo6cYnL0LEKG6WNEqDYRG8stf_qJxYd_uKkZswCjKJ4j1CGjyTbttKQVvWBggCugdM6eIwRHWyC3wQIxsyVnKkFH5k5v3i4mtt21uFCN6BPbMdbJi14cEDRzdZbw2_oehqy-51K5Lv4hfnRaDcnLHarQi4NjIvviJwEw7RCkJVno09Nqio4Um5caa644rrfhrE2-MlYPYGsfy4UxtmyvZ2_rhJQt4366sUmQf2eiHROrpTg31IEXeOXz8If_9xTReNAn0SmvqLxHAYahcIBoYVOSQtUgcWhj9-eXl_8zYtHDwLG5EUtMPi7XYvybCiTpNODRnvAfdTsbxfWi_RIGexLLF7sJD7SwHF6OpJs7lQv5juGXR-cshIzKcGxJLRSnOYKmb2dSta9QkDKDuA8qtn0lXouL15lE36Pi95kvt52UXmjqjL1MD8asL-dNbJsZI9v3UmRXAFWQ6MrDgOh7p5MlSkGep8KAF0-YEN_X8Bm8voDjf2vt3em0p16Tjt88MVkFmlBTqONr01zGK8i00wYOo2R-hJLjldqKbh9m-cRfwzxJXUwg7wBN-rvLWJ-dOiFrYvL4L56HjUIEqsS1CmJum-khRlyh1ANWndNh5lrKpWm6OamaV9XEmnaFlOpWEkue0DR2aJ3amNvLWiPDj9xvARI-H0Qc7YBVtynn2MGS9jcafw900kSg0v5zI-oKtSwm-bp8VypM3Ar_ugISY4_AquJeiX_QxITpQZ9DUu76FIlXH-twqA_GOFAYUrjSIuSmxXorsXClRhJ4DXU0jhni1unNAKCf2h3xNWqBDktksf7iaISo9djIOG4l9-HwsXRN6XKV11oaSYO2zSMmSPnRegzGb6q2y-CrbWOed2boyHazdW-Xuav7AsY&sai=AMfl-YQZVo2Rte-y_4dR1vY3nnMy627uWJ5mqnCkSiYBlQRM_snzbq8Xx3okiPYYn845a5WGOPat6DW_QwkEcGjJmLC-z4xc31Htq5gBEYZRUxK4kPwtQstBvvwjUiJkZX996cQRQZkFyIb6koR6UaxMOGRWyJKsVw&sig=Cg0ArKJSzLhG3hG3eXUNEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20211011.21767&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 14 Oct 2021 05:09:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A34C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 13 Oct 2022 11:05:48 GMT
09082021-031335215-970x250px_de_m1.jpg
s0.2mdn.net/10647332/ Frame A34C 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10647332/09082021-031335215-970x250px_de_m1.jpg
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
4537ca040455ce1cda73f9c4bd7cec8456c5b0836cbff00f41b7fdd6cbbe8c2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 18:05:48 GMT
x-content-type-options
nosniff
age
39848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159695
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 10:13:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 18:05:48 GMT
rum
dsum-sec.casalemedia.com/ Frame D403
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 14 Oct 2021 05:09:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D403
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWe7pFB505cfGknj8uCgeQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 14 Oct 2021 05:09:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEVvzS_9XaS7Xro27eUj17k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D403
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Vls9KeAtypt7EwmDXnRI&google_cver=1
0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Vls9KeAtypt7EwmDXnRI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:56 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
62bc0bf0-ec09-4847-8400-9d6a945c8657
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Vls9KeAtypt7EwmDXnRI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D403
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxODgzNTY4OTE1NjczMzQ5Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxODgzNTY4OTE1NjczMzQ5Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhDNgYa0AhjL0vuzATAB&v=APEucNUfDAkci4LA4wMR8lne07k4uuHKhJD4REFJltDn2HHWXtnRe6YicuQ0amB6LaiauRI4f_3vpnEytCNe3O1tx2h5yQjVPdYFMOB5pr9rVUttsXaIM0jBDReIypKh-8bLAZCOk2t-UVOpUIpuTIfAr0kpsl-w3LNxDyqS_JNzQOAxSCVxCsM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:56 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1451d0cc-6786-4a52-a4fc-2ea9d087460a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxODgzNTY4OTE1NjczMzQ5Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ Frame 78C4 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2422
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.haibunda.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
cookie
fr=07HxMDty0iLStZuGK..BhZ7uj...1.0.BhZ7uj.
Upgrade-Insecure-Requests
1
Origin
https://www.haibunda.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Thu, 14 Oct 2021 05:09:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7C01 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 05:09:56 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2813 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7QJxf4NMjD1NRUX4SAIODc9miMIIK2OkkYrBAf37Cq8bh9iBlbzww4UatgpQhlcOzNly3a_JNu0lLY_fbNrJEBES9wbhZNW0MIIkQI9gTRY29kjisDx3Z7glroQWRwP5GnG7sngQkMG_QoxI1ujWscnw5rw&dbm_d=AKAmf-Cu-BiRCtRBpZIrfzqJgYjOd5UXphy7BzW6qAUhZzThs_ujJ4MvFZx9_gJPApB4xqktb8PkYn_KMX4dE0lW1lBWi32iwENN-lChz7-R8fD5uoKZZa8mEcGclmYnjzYWoxO7jIRjQF_lyj29k8rIur7J2nY7X6aGjFK5LQ9s7Q2s-Z34GkfyQFWCY1WlW0WZB3nncFJ2TFXeCOMdR1nfmT1oWNcctiwD2We_M17SHYEF7TVfrtFGQdTNZfR9jwRmF-8rJvZuFhK11w5v4Tki3HDCWVLSeHS_pD2YAcGkkxQBxsZxDTHcRjzBUV8DEY24xe22H7UBKyI9VV9jen5vO-yuDxJhUEX9KlbO6EBharH2X8O1Gqk-HYdazeZdn40YnkV8jE00P3UKXvfVf3eV4JQPx_gVPzxyVPdbh_-hOjpuwDJJZ-R7VU95odK2sJ8Usk_2zp0FRlYefmyLqSJ79nWzPZtQI-gR6NX20VrRSBHTU8_2kn-cpPrCLzzM221wGC8Yx9Yue0oQ2vfzz9_4oszjZFXsyMKWoBikvPb_dD-6ukGeA3bCQpUDe5nVNiE1TOJ4pXlVdNOv-8PIQYWXwhthIVg8cqm17qTCTeaUzu1x4v8Titi3XcW7rL3_ecaetQtL3mDUYugceAEwNo0xA9y63azH8W29D3zRT45Jv7QduO6h_RdKeU8i6W1fahKVsZ4pWnuDOIkGKdZ1X70_uvK20GhiaQDdPmt83J5NO57Cv2QUIz1JMLk--4576qhzfG2pzEe0yToE8c4961Gyicq-8z46db4L1kqKJIV6j0yN-mpKqcjZJfwK9jRlkFFIjADhcVP8fqyNctnT2Hc_u7hsJP2g2vq0cwZXOJ0ywCRKAyO2xbA28n5A7sBQ1biD_3lBBGkUYabL5dbWaxCvfljY0Nt4N3rp3W2rPKHl-XFhCe-H8Alvg_kJfLQydeFaEBa_Vumew7tywPpLUPlaATDXxcBsWc4AF3wfuf2Q77OQcSxMEFKCHqjfXT4cQHPsWByBp3COugX7qnfT_X-gs3lG83ChtBdGVWxo9yAMGOgz4RrE2rYEomT_155YYuAK8m_qWH2MfvixMWdJRGE9Jq2f4szO4907tmqQiCqxlllm572WxfiB7omKHcpAESUJDBaG8RTv2iFiPflSkUL8XRYhuYgPFalDN5Gh4hlasDrJNlkWdl6TIqMQIHFBCIIZY_o3gw0mA3jorN1fmrcE9o0rp2PSMUhhVILnq0hTie08bzSRlcTfu1KQT4ZhnjxBpvwezpqOxnIGQkS61B7B9ZU-gZIs8I5g8YP_DzSrgskmTJQZqqTIxZUw1JfnVDMPncFr9wJU5JC5BknTE3ORVjS9UW3ieUI134vHfEuEqgwlWjIpBMq4BB5ZmwhHGk2DlrT6HA0buYNHgNfarijKTN--bjvYhxnhy2isZt48206gEKvpQ6zlb0f1-TyVEScSTejXJH0GH3vXQppCAfGlAm1TQjuyIC2S-HzHPng-PAbZe7idWWxPmMICQQaNzCqYcLQYKJ4gJY7EPdRwl5imfdfKCy1kBNkhrzgTFEf8TM6cw-Y-UZDjEvFqGX1wKcGxS8JdUU9HFfI6f0bmY-1c0SuCbCS5RqSpcLTt_jceRVIpTMD9KkjZDXTZp5T2-A9KuXvRwyy2G-60hhMD-7KZiMpBtsEPjIn-iu1l2By_AJWpEA_8NDU2-EPPkzj5_6LvDFohJM-onLN5poNlNIB5QQ1X5DphrsiVx7mhC_8nZYZOYly2jNXFQupC3gcJuFMZr8F6tynpnoTtHtmRv8cM9vEhlJo9WUxtMvusfIJM-lwJF65c5QM8e8qiXqDCUbU59OP1FIeQuTgGEx6VeImbG8FMbwEyL-oDohsJ7VHwlsLqJqZLPctY0d5QwzVFnBhEW_ijrGYgvobQAffQrsVFioec7e7OY3zYKEuhSR2741b-byUhwTgWLG1LJ4nw1Hjn6ZMgE5YsdIu7FhlB8MXo_NbhcmrOGJK7FvQ7wuH47Id8bw76zOUBRWwYablE1Fa1ylj4t-LPKGQsXCeXu2OVhxidOF-6wL-m2QFKuCI10gcDMsh89aVaCUisbgw6aCzdv-Azt-8cPKJnAo1UmvqDDaCtWi_mvt5NxM8ShuJ0IHBQpteSZHsXFJjG-lFWiCkCy3iUDwUIOlDk-LcOKdePk7ISs1Xnj7cMV7fDDJnsQbjV8HKAbVdKPTjQfsiS_F0H4asaVRr7IbgWHoHN8eLEkjsyxXSowznLO15RYmDgbuKo9fsOoUcpJL6sBvKx4tjsbbO6GUcZjg4oZKT-U-74yws9m5gzrf8TUkLHa4KYmlSYO0JDHZjazhj8W4Kiunt7DD6mpylMnQHrHTTfje8fif1U8I_8smDI-TLQAIUAIMAs_R8V0nUY-l0W0x7xZXXYUEttU-WWOacuT7f3iuG008IpaccVZVDyEzao3XOU-f9FydOiCApWGeUQbcJhBLvLXgAqsmySJV-6TOy4zb8oD_JwvpY_AHPjmQwHBax_rTJ3D_7o2pi7vozMIOTbEzwDYoFrbV4lG6kOxfc9wYCAYiddFggMiEhUZFAdsQNpbmbaqrBYLOWXCsWZKK6rCggLny-20DxCoDoGKpIkKSExTjOb4FwZp292HfjVhqLG-RhixfhtMSggSUgqli8M0wD9XZQ8V2XNJE0TWj6vhECRKrf8NNldIi8tlH48RJiRDaTumzW70EgtlaaEAS5co46BGswPtHSRKjtjzHbPXOXs0KCrmBRmaWOSiGLwoKf7LY6Lon4xLA7KPTJ_jBXal8gyn8IKd7k2lTDcvwS9kL50ISEfKCRlS8J-AFw9kvWBhsPo6_peNbfRGw5MP9vyLgeF9xuxCbVyCDlrErUFgrCqhYG3dGqWJ-fP4q_r7HHs4vlP0B4nxqoNWO1iBvhpDFUVWeb8d7Zczu8CdUOHWslWNNzTTEMaFdJ3eGMRZg8L_YiLIteiTKdvaPp4iM2G4hpzMlbCLYjO3CHAEHyA7HjGA-0Za23Sc_ZMQWCEvtj4SWqAbuCLwaSxQ4OFHwq-NgMHBIdziT_tqVU1Tvre8_gTU4nm2W1u6om2NGAMhzTYOHAu_TEktjmr3CvC7xFZfxKLKd45_YAPG7mh__43dIhhGU6oAPJS_2wTtUC3FUueKrXk_iyeaeJo5egYaNJgtlT6MktwW8umDO0QgGP85mPAvqoTHs2tQR9MexwO7h8taVFN-2v9mRbM9obaljSTx0H1W8gr8inI&cid=CAASEuRoTDqSBTEEBFnbotPLTwu_EA&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4a77614060eb8670d30a48ab8d490772854632ad11259a8f0c0bcc019d44b26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2813 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjoaHng9LuK2OVKeniOsBwa2fBXniAi817-17ktsdSN_ABNw4EBvQLu4oChTTwsGIZ40jmoqmJwD4exlthoPmowc5Yx1wTf-9vBcxBjPLvV5OnmPs
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2813 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:01:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2813 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:30:21 GMT
l
www.google.com/ads/measurement/ Frame 2813 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_OqP0omZKQgR_cKkQJUysTBtU1fF_3kfQ4tWRfdEXS3VAyx3E8rB7Gmce0-4fupaNNgHK9zInOivDoiySebEjemqloA
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2813 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:09:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 338B 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 05:09:56 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 73E9 		12 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBNgSdWpKimO5zL2sJCq_W3jUIWoSqRuH88YT0OEZTfofM9vZirzFTI2n_KgQ2rmCs8Cn5mPIFMq7d1AAP-v94IZvoShEFhm1GvSlxOiMaTDxZr8g5mB3GmRHT2Enkr2u6gvOUNwqY4S2EXT7N22gQIlkg0w&dbm_d=AKAmf-D_rsRKnkyzLG-6nhdPL5uFue-Idkf4iG_PeC6urZsYQCG7IypoiOjLkAG_UTcRQYtEsvTxPk7xlLYFMHxfoi4AGA_Ki2WZL1rNKkwMQhQV602ZaS3JE0zP1gfFH-oDJqNje5WEIH7fIXD23gXHeNo3inn2pXoiXrvJUfXdorLzD_ShdjXWJdLDCdCJ4-0_yLuo2ACCJKAGW8UayB8HZk-6uxR0jwoN1ysVps8awavxvX_2BcyuEy4oaPrfP3vM7G3F4pgzme5KIG59S6fCec0BgF4o0NMVXY6b4z2IjUHFJP4zv5qTcJokbqdYJpXQD4bpXoUvYnvn-5VG6ZmAN7z4qlEKt7Hn8hvIuZ-vc0s-TWfP356qQuPeG_rqJtBwFOliHZ2IyEMC0aDO75GLIO1c1ZVImMSb1GevGwj1tm2lxFn8h6T3bsqbXQivpDxchovIa5NYgTL3riTLCe7OytvriUar2ALVoJzr_isoAVy5rWsn5XmCexeF-vgKo13rYZ8lZXpNuGU6W92QWxUN8CjZyBa3xYZe_Fhr35yuUbtonRltQF0j7ymw9YIC9Kv78rOFNV23NSRm6ANeBlKvs-GPTmU5reRjuMggO3g0QTJGDpNYNZJNckb-OQPMO7Scv8hBqc8a7wPIIqXQPTnwZEOeQrssua-jPwJDw2l-K2qi71w0P45OdDd94a0g3Wb-4jiXoxKV7AMXKO1FaC_fiMY-XinDeVES5ZTst30I2EYN-7C5MgaHkIFOXlfen-jy_L0exbeULqaJYUv2MXof8fzD0ks7MCk6zNLL1_y4uvN1XjrUcQ0ur2qBaGJ8OMn9aJv0orKXjyZLKfm_3spbG21kDdU6YQyTQUfQXo_78gJaT4njsEO8reupdAxYyRJZR-Lp2ESNV6t2TFfBVEsjNuan4K_vflUDIFoiK59omJGx0LLTyMr0mWMvByTXTrc6UEdIJHs74KooeJmEF3TltTtjC50TsPNy39rBNxt6Bz3fsU9QqFcOGUiPyvhXyM5Pmmx1aCZ3GSi24O1P4EtY-ESulaNofhAg5oUjlxJJMWDr0KMqVe0sPf8jcC8BmRRDEUhx6dM5cgLkrzbYOO_lw3-5C6aqaCfuZN9pW3fj7MFAqKOrWMfH0zmevRYtgtfYljzBpSekE_J5d0QOmX9n_9KTPX3qWgZfl-c1LiUm6_LTzSvOmruEkjM3_nyo-1OLUAgUaMLJcxPM_Qh7phhn0ofGu_QvR62bnlUKHLGk4UzjQhxpskR4YX1UloJvFF2tnTjTiMpknCMBFCKAAJgbwwbr2EdrHpZhmRT525VfdYkHBqldw2ZJNG2HZmgIF420iR22YDeewOQCbkgGjMMRFToyFpPUUPZh3WH-vIUFRtfJijC6J4jVxYM6EnXZ9hboHER2PAlgRZCBXQnPgL8lLLcic2AiDwRW7-sSNUKcPE8FIH7CvIKsTa1CcEHqhRAYBOWR6vudYvfPWCprPzbqLSS1klLumPTz-GW94Epy9tnbranVmj7_fOIZbjHp-Hj5VRqMw6ZkjmoPx1-io1WSjsDtPEgnbBF1i-qZ86YxgHBd0cqN69d1QP3Y2IPDbQRcW9ExXTtxtok3u7c9hKxPVcsIGIqKKjFYLVfNaDUYYHyNDgfOMxe1VAW9IpfjP2K0duSrj5dEyNAm_78VL6T7Ul4QICBhYrKWO03lF4-oebPOAZab7buN8FhmJ5mxfUeekYxp0vmJFSrIz-xZA3WLcBcx15S2wDc59wvCEahCszJUaGS2ffDeW-0tSOcPanVZ1itovJ-9WRRtOluToCD2GbyuRFyZFeS0_NHInBJ6k-U70VWnW6Yk_sbwGmOd8jTPgY1scQCrikKu8rQ89IiMnJGnMA4aQis4RSBTx14ki4XqmzOF-eWN_arPNkIFdXBkkmdksi9d9-dfvN_c5pSw69tXUkNYGKshEBhUYbA3ua8GawyVWIdsmi6kYw3Ags1IXi32NijSHfFHh2lk4XJOcqNCJ2Vy0dTAs9y3BiIJuW9Y2h3sJapTRRNI1xO9QPEMVEF010E94QQ85oe8R9sJFz0_tdrkYsMFvLesGrLXSjw2cFvem1yJEiuzhj0d2zuq1me9VF7hKJAaH-_Dxzf65JRGiNSBJ9Y32QZQtrsw-WGt0VcdE454XvgM3jHgjBcpAj4cFXCwWSWas357VRvx3SiunvJJGVhQlHnxlHjb_BYba1wSmIabNcw3_RkG7BWkrIwXTCewZXWj_gZBvofjahVVd6o8kTql_t3PCmgP-k1sTBxE57k5DTq9xPn0mk0uMNe1Hi_9p6mCAQ4rC3CDnshjFdW3dRvn6TuBj_U5jkxrZICTmJHYstHjiY_vCfJfnOLkTaGPXsB3fJxBrZWwyjWyx29_ClM1BCRvLZPhamAqCHTMnX5PqVX94kDXKtKTXSqDygojKq96hkzvGN34Rem1rwA8rpHHW7mHijLZJIQLRe9Jidm6IBgItF76Ax2dISLvlB7T5i8ifNvd23gIJK2iJW1Jn_iyLIZg2776U5wKBgRBA-F9f2h1nqEYJY0mxP1mx82twZxtuc8x8LQHbiU7Q1GIduD6LM03sR-F9wpPWleecOaczyzXc8jKtIcFMFwdvG71wbKhAs7xmQZYnw85wQ0uwg&cid=CAASEuRo0pqFDhx-lnRkCUUeZkACAQ&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7c968a51f9a55a3afd87dbc9abd78a95f43dba240c508e28324d92211679a9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8800
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73E9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlOKZTkOjqj4IHuted6uYCuspK9HRwh7qXF-eZ0cB-gLu7P9ee-sp-k2HguCM2VWTklk7dtd5wEMHCpP8GwSjw9jUwfL-zlJmowCps6rkaCZmI0IM
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 73E9 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVLdPOzFTTB6sf8aEPJc2gliaLWUtovRx_Xp6s19gT5I6bmbcU&d=CnkAoCZ_4KzSK-wvs2gf9F-z5KfUsGiilIPJuQgdsDB3iU0jr5k_miLXssB2cb2703djMLnor_3IKdVudvWslbglqfBMj2jrXr1gH7-sNxJ_ry08sEaYBBdNPE7pZLUx_NfMeOy8ySX-_lXxZyQIu-kIJ_pBjaZ7J-08EtkRAKAmf-D8tgDfLYstVAJw4ddhEnTddYq34aVj8zQPoavq3sQI35TDPZd4nHK7a-txpoICgiC5gDXlGbSkFRriYYfMUtI7hreg-NfUzQTZsITrTE7D7mAF_tg2z0U7xrv4w-2XGn4Pkb7AaJB5qKc3GHlY2T18l4HzPSbamWMURucFTkABXLWvEXILCYfQtlHenznuXYWbkR6S8msq-QJx4FGDaRakQK29gYQCQrw98So6z_uFHE_8QVqTwaAiRcmQHSduNVqDW7haYXUU7yttrpbMU4kSSmSoxed1-tNSf0Zkpgok29uh6B-0K2WgXop5H9tlvOZRJT7Or8UpS_hi2o1ev5Yy_3geTGhXn-GLpoSj91iA0eAeE_Hcvne2UyVy9dKc_bnyLepm-nayXxmIYRdMSOA-4wfJdTmMwCunz7rvTfUzq3aqpWdcj0l-M5FzQEdxSpjCqtjcsbuErh8oVLQ4egZGlzgDJjrL9d5A5VVaWGbI332dlS8y1vGxEUPY93h1nlXdorUBdRiL443pDT-HPvgH4TarxMMZSx855NjF2Nz5_hgiePHgmQouOZO1soI5GvfAjQ4kXnEeEbcNXr7fTsAhErDTmA_HYVOXeyQJ2PVuN_kqOxtH34eoVY4pPQPaPXj1DTxnfG9m8JQ5WFSKexYzXr0MgaS83Ka-9_iSjePzG1Rid2-ID_grc0mNg23RcW0AVYarZZGy73hLK3qNCglC-2JrG88JQ3HzRm2pwW0ENR5r0l9MCHEFMGpcw19IlBDnOWIR-AcLSyCDpzU9xq2IS2VZ2kf_7tHDdsD7MixodG-mxMEsRrZ4yLB_I3b0jgUoSLjrg2kZ0NBvwkI3rAWyAeUAglX-W03FtmzGyIOqHz0FVmyA75_xOONDvL2yZs7lvRM6IpstN69XOk-vyDUmDj07CQhfWzLAu6cspi0SFX0fyv_V3c2T_j2hZNj18aHXvjINNItL0XCLk1tU1J51xd4HXGoghxhExg9caHe3jNPBNTbj27kZVWvd51CLEMUjtjw7wLMFakjr8jtidiRoKX7YXfRq6wKVc8Uy-ow45g3QkuFNuEzxX6y6L974UvP3sV83CkMqyfRQSaKCl9semDTtBTjBShAnL5NnAve4QhyanW4yYdmu0-EF2ggE-9pK1hvjxcRyXrsMZyw4wloo5L1oFk3CT_yEiK_tgTw563QE55g6go603zYVf0sH3_xmohBghcD8Gmb0tgCSoEZG5ygAJu_PrWsjyxAh2VDp8eMzdWBdr8yKUAfnPAuj8-IyQ9D455etTYes_IHoV32LnjAo9mhybzI7YtNLN1so--JkmvJt9RgHqh9IuFRJP3aRWNlrVfRVvHoRbvrGxal8yn-V_UeD1z-9rs-0QShL1s69j5LjQA9ctSE7vl5ivzUckeHExkEzag0fs4p_mHw6r33P3Gf7nLQ1tCU1uAlfWjKFDvD8vV-gBTKzCFoCmq8nSPV_3WLZyiWrhKQ-_tHX4FRHVUYGVY_Pp6L-xfViAJWCMLmin9ZlZ2_paEd11HgwSejrm4d41aqwKz7CtX_QyzBUUwKXCm0AErPHnnZL_wswFnRR2Fwf-f9NGQMvhGNTnePxIBHI9QWr0l84eRi1YmVJtViM8Ts6k-fVaVr4TfgOigLhPuX3pY5QQ8NPcMBgxIzoUZd9gbIS7sTF9ciG8FBPPp8orq2R7ORV73dbSvttrPFhLlW1aCy0CJgIHFybtSl590I-EnydDwghORBSRXPzebCCXgSXQ1mh_M3fzor237ws6Embf5atkIt-lNbxLxTU9UcZGfJoEgmEjjnLPf3HhQ4V0dhjTzDgtnB1BQB-1xg6JNlGbgCmHEb4-HLaAS9XgEFoq4NawWcfYR48NddpjcarP2Dxu6c-IRO0K5dUVZdRBv6wPW_S2OUAY9CCVEky6DeD0y88qYIYd-SLW4hj-MhHDgx0Y7Tl4ENAzbezKeXR2WlwzZGCwnJJ8GW-Nm5nh9hKIeewaqd-7a7qLvoBQFQDB5Eup5fUpJukdByNUQ6IureESlORx-9oaODPn8B-CopYnVRK2HoswRvoXib2Oemoe-KbA1VlX67dhBAAzI_hxd8eR7Yn2E3eYOPjD-JWweSfhp99kRwzf8Y4BNdy3doPTQPBR_OBbLwe2yoGsAkydXYsrvOKNOC90b5YFWDz_PZVZ2OfEJLCI1ptRO1nXYvGM6A62KXYkzmTKzrYgLSB3MCS047LB40VSx9flkF9BG6wCeSVO_VtK1yIRTwZlq0hiz1ROW2nUbrQpDwDi26IFrB9uhpzowiHVS3HYsqYGS7PiIRlFkbpHzDMwooDlzX51wlpm4v5XLj_dMtrkOEOdnRieh4CxNaGq3ttLGUTqTJI72MtOuEBY509X3e0CPU8I_vsts4OOwfAMIZFyyVcxgD5eiJ967NVauS5WO9HecIw1p6ODjErZk2IiPa9-rlm6Hs_kALA25L877PluqdXkDIbddn5nSQwkHXkY70FHTd52FVGzRj2pAcQxW4DgIZKO_156q52HTVCbzaKJCCjXCy6IN_tIJ7pYBjjV2UCndu1uScXe9zYR8GqiBrNV-v5l0qCfOnXUBduLGlH32p7LptlB_FckLpC1W41UfU1vLRkA4Ly1Gb-q6lglGvmX6cskROjUua2dOyhi-ZHF9yFLQGvu_r_Tg7tftLZUE1CyMGklbdqOrimaPu4KsaMna7-ttIvLMNQhGeuMzxLLqM63kbYxODkpXXN5q5Pmhe1CWeZU-jwqzaVPZTBntg2Nu5-q7VG1_B0nvdWyVRYBbhmZmHTjEbq50Rg45wknpgal4ByGrNpDpaLo4ZG32EV7aYDjIKwcrOTU3SrikWUkKRUfMpGWGVhsPlveIcyOlRyJUCa-ts2ZO_QfvWGx52SZNCIlw9eWIcSR3yxowlyT_12pykufVXpbIHbvN5PpN1mqpFueBJf8ad7vBuZFd_ujhHV9ikmyQh5v8dUYpznZrjRruv23eDbKrxog51UvdLqGhYIABIS5GjSmoUOHH6WdGQJRR5mQAIBYAE
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
cafe /
Resource Hash
33c557b7cbd41f51e27cc2feebf5302e9efcb61e5a49848bd1287a8d71b205a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18921
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame 73E9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-31.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
382b616d928b60c74bd54cc04a05137230a2bf597695cc1a240e3153215c298b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 09:36:42 GMT
content-encoding
gzip
server
nginx
age
70394
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
y5ItaLrwFLHi4w9URm6B6SOnM71n_3XKdfNA2Ktbsz32dGxBMBt8Kw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 73E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:01:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 73E9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:30:21 GMT
l
www.google.com/ads/measurement/ Frame 73E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfHGc8rstNY1qT6kBI1KetUaCFX3_Tlh4h8OqqOsWGpXgfeCqb2SyzlexFuejp8PWHxyYkxWg44WZgxIwqiZCIL864aA
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73E9 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:09:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=haibunda.com&host=www.haibunda.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D45D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 14 Oct 2021 05:09:55 GMT
expires
Fri, 14 Oct 2022 05:09:55 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad160.
fundingchoicesmessages.google.com/f/AGSKWxW7Uo_XzBZt-6pyXmNQl1KhBNSiEKPAZm2DdW-tYLLwJ7RgxL2TyRRh6iTdoaZ8XtZooZzI-P86gtiiGzlN8jrRYzAgQAV-lKmPJMBkUwwOzlJTsODUe0nZH8JGoK7fmm8gQv91WhlTx7VsobbRC3mx7HDRW... 		54 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW7Uo_XzBZt-6pyXmNQl1KhBNSiEKPAZm2DdW-tYLLwJ7RgxL2TyRRh6iTdoaZ8XtZooZzI-P86gtiiGzlN8jrRYzAgQAV-lKmPJMBkUwwOzlJTsODUe0nZH8JGoK7fmm8gQv91WhlTx7VsobbRC3mx7HDRWJTq_-jfFhIrzWHKRGz5OgiWyOu0KPsqAl6CwwvSqdbOrSanvqqA5t-ZxUYg-Yg0Sd0vQAtppz9M_75-niw=/__header_ad__content_ad./mobilead_/affiliate_show_iframe./ad160.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
d16082a25d05eef83257ab59d8cb1f7c993ed137ba1c9c46fb43151850208976
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-T8rE35sAE9UHsL6FO9Hepg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-T8rE35sAE9UHsL6FO9Hepg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-T8rE35sAE9UHsL6FO9Hepg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-T8rE35sAE9UHsL6FO9Hepg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9baca59ba166134033ba09ce7ce746b1f19292b21d141a0514bb98dd45aefa22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22054
x-xss-protection
0
server
cafe
etag
14446634921142088721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 05:53:33 GMT
AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w5gCWC1dxj06dLiHAPRzVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w5gCWC1dxj06dLiHAPRzVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-w5gCWC1dxj06dLiHAPRzVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w5gCWC1dxj06dLiHAPRzVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3697 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 13 Oct 2021 11:05:49 GMT
expires
Thu, 13 Oct 2022 11:05:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.js
static.vidy.com/0.38.5/ 		767 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/0.38.5/index.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haibunda.com/
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1632151626
age
2018242
x-guploader-uploadid
ADPycdudrbLalRfpktf0avHg99gbjC-Zvg4GfuY7C6WRWkcF6Bl_jA2LRWjf-5fmoiZKoD117_FcXgs6tKnVkdDenG4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 15:27:25 GMT
server
cloudflare
etag
W/"adb6bb0bddb9236e076354be09c1d8df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=vk2y4g==, md5=rba7C925I24HY1S+CcHY3w==
x-goog-generation
1632151645319398
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
785503
cf-ray
69de4c647f1f21b7-DUS
expires
Tue, 20 Sep 2022 15:29:03 GMT
ajax-loader.gif
cdn.haibunda.com/css/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/css/ajax-loader.gif
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
left-arrow-pink.png
cdn.haibunda.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/left-arrow-pink.png
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2020 07:32:33 GMT
server
static6
cache-status
HIT
etag
W/"5f72e311-451"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
right-arrow-pink.png
cdn.haibunda.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.haibunda.com/images/right-arrow-pink.png
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Sep 2020 07:32:33 GMT
server
static6
cache-status
HIT
etag
W/"5f72e311-449"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 249E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 08:58:57 GMT
expires
Thu, 14 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72659
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A34C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84ac61489c1f02ebffc3ad3dbaf74424a7dcdab4de336b50fa400512f78905b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 73E9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBNgSdWpKimO5zL2sJCq_W3jUIWoSqRuH88YT0OEZTfofM9vZirzFTI2n_KgQ2rmCs8Cn5mPIFMq7d1AAP-v94IZvoShEFhm1GvSlxOiMaTDxZr8g5mB3GmRHT2Enkr2u6gvOUNwqY4S2EXT7N22gQIlkg0w&dbm_d=AKAmf-D_rsRKnkyzLG-6nhdPL5uFue-Idkf4iG_PeC6urZsYQCG7IypoiOjLkAG_UTcRQYtEsvTxPk7xlLYFMHxfoi4AGA_Ki2WZL1rNKkwMQhQV602ZaS3JE0zP1gfFH-oDJqNje5WEIH7fIXD23gXHeNo3inn2pXoiXrvJUfXdorLzD_ShdjXWJdLDCdCJ4-0_yLuo2ACCJKAGW8UayB8HZk-6uxR0jwoN1ysVps8awavxvX_2BcyuEy4oaPrfP3vM7G3F4pgzme5KIG59S6fCec0BgF4o0NMVXY6b4z2IjUHFJP4zv5qTcJokbqdYJpXQD4bpXoUvYnvn-5VG6ZmAN7z4qlEKt7Hn8hvIuZ-vc0s-TWfP356qQuPeG_rqJtBwFOliHZ2IyEMC0aDO75GLIO1c1ZVImMSb1GevGwj1tm2lxFn8h6T3bsqbXQivpDxchovIa5NYgTL3riTLCe7OytvriUar2ALVoJzr_isoAVy5rWsn5XmCexeF-vgKo13rYZ8lZXpNuGU6W92QWxUN8CjZyBa3xYZe_Fhr35yuUbtonRltQF0j7ymw9YIC9Kv78rOFNV23NSRm6ANeBlKvs-GPTmU5reRjuMggO3g0QTJGDpNYNZJNckb-OQPMO7Scv8hBqc8a7wPIIqXQPTnwZEOeQrssua-jPwJDw2l-K2qi71w0P45OdDd94a0g3Wb-4jiXoxKV7AMXKO1FaC_fiMY-XinDeVES5ZTst30I2EYN-7C5MgaHkIFOXlfen-jy_L0exbeULqaJYUv2MXof8fzD0ks7MCk6zNLL1_y4uvN1XjrUcQ0ur2qBaGJ8OMn9aJv0orKXjyZLKfm_3spbG21kDdU6YQyTQUfQXo_78gJaT4njsEO8reupdAxYyRJZR-Lp2ESNV6t2TFfBVEsjNuan4K_vflUDIFoiK59omJGx0LLTyMr0mWMvByTXTrc6UEdIJHs74KooeJmEF3TltTtjC50TsPNy39rBNxt6Bz3fsU9QqFcOGUiPyvhXyM5Pmmx1aCZ3GSi24O1P4EtY-ESulaNofhAg5oUjlxJJMWDr0KMqVe0sPf8jcC8BmRRDEUhx6dM5cgLkrzbYOO_lw3-5C6aqaCfuZN9pW3fj7MFAqKOrWMfH0zmevRYtgtfYljzBpSekE_J5d0QOmX9n_9KTPX3qWgZfl-c1LiUm6_LTzSvOmruEkjM3_nyo-1OLUAgUaMLJcxPM_Qh7phhn0ofGu_QvR62bnlUKHLGk4UzjQhxpskR4YX1UloJvFF2tnTjTiMpknCMBFCKAAJgbwwbr2EdrHpZhmRT525VfdYkHBqldw2ZJNG2HZmgIF420iR22YDeewOQCbkgGjMMRFToyFpPUUPZh3WH-vIUFRtfJijC6J4jVxYM6EnXZ9hboHER2PAlgRZCBXQnPgL8lLLcic2AiDwRW7-sSNUKcPE8FIH7CvIKsTa1CcEHqhRAYBOWR6vudYvfPWCprPzbqLSS1klLumPTz-GW94Epy9tnbranVmj7_fOIZbjHp-Hj5VRqMw6ZkjmoPx1-io1WSjsDtPEgnbBF1i-qZ86YxgHBd0cqN69d1QP3Y2IPDbQRcW9ExXTtxtok3u7c9hKxPVcsIGIqKKjFYLVfNaDUYYHyNDgfOMxe1VAW9IpfjP2K0duSrj5dEyNAm_78VL6T7Ul4QICBhYrKWO03lF4-oebPOAZab7buN8FhmJ5mxfUeekYxp0vmJFSrIz-xZA3WLcBcx15S2wDc59wvCEahCszJUaGS2ffDeW-0tSOcPanVZ1itovJ-9WRRtOluToCD2GbyuRFyZFeS0_NHInBJ6k-U70VWnW6Yk_sbwGmOd8jTPgY1scQCrikKu8rQ89IiMnJGnMA4aQis4RSBTx14ki4XqmzOF-eWN_arPNkIFdXBkkmdksi9d9-dfvN_c5pSw69tXUkNYGKshEBhUYbA3ua8GawyVWIdsmi6kYw3Ags1IXi32NijSHfFHh2lk4XJOcqNCJ2Vy0dTAs9y3BiIJuW9Y2h3sJapTRRNI1xO9QPEMVEF010E94QQ85oe8R9sJFz0_tdrkYsMFvLesGrLXSjw2cFvem1yJEiuzhj0d2zuq1me9VF7hKJAaH-_Dxzf65JRGiNSBJ9Y32QZQtrsw-WGt0VcdE454XvgM3jHgjBcpAj4cFXCwWSWas357VRvx3SiunvJJGVhQlHnxlHjb_BYba1wSmIabNcw3_RkG7BWkrIwXTCewZXWj_gZBvofjahVVd6o8kTql_t3PCmgP-k1sTBxE57k5DTq9xPn0mk0uMNe1Hi_9p6mCAQ4rC3CDnshjFdW3dRvn6TuBj_U5jkxrZICTmJHYstHjiY_vCfJfnOLkTaGPXsB3fJxBrZWwyjWyx29_ClM1BCRvLZPhamAqCHTMnX5PqVX94kDXKtKTXSqDygojKq96hkzvGN34Rem1rwA8rpHHW7mHijLZJIQLRe9Jidm6IBgItF76Ax2dISLvlB7T5i8ifNvd23gIJK2iJW1Jn_iyLIZg2776U5wKBgRBA-F9f2h1nqEYJY0mxP1mx82twZxtuc8x8LQHbiU7Q1GIduD6LM03sR-F9wpPWleecOaczyzXc8jKtIcFMFwdvG71wbKhAs7xmQZYnw85wQ0uwg&cid=CAASEuRo0pqFDhx-lnRkCUUeZkACAQ&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 13 Oct 2022 11:05:48 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 2813 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Origin
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 11:08:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 2813 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7QJxf4NMjD1NRUX4SAIODc9miMIIK2OkkYrBAf37Cq8bh9iBlbzww4UatgpQhlcOzNly3a_JNu0lLY_fbNrJEBES9wbhZNW0MIIkQI9gTRY29kjisDx3Z7glroQWRwP5GnG7sngQkMG_QoxI1ujWscnw5rw&dbm_d=AKAmf-Cu-BiRCtRBpZIrfzqJgYjOd5UXphy7BzW6qAUhZzThs_ujJ4MvFZx9_gJPApB4xqktb8PkYn_KMX4dE0lW1lBWi32iwENN-lChz7-R8fD5uoKZZa8mEcGclmYnjzYWoxO7jIRjQF_lyj29k8rIur7J2nY7X6aGjFK5LQ9s7Q2s-Z34GkfyQFWCY1WlW0WZB3nncFJ2TFXeCOMdR1nfmT1oWNcctiwD2We_M17SHYEF7TVfrtFGQdTNZfR9jwRmF-8rJvZuFhK11w5v4Tki3HDCWVLSeHS_pD2YAcGkkxQBxsZxDTHcRjzBUV8DEY24xe22H7UBKyI9VV9jen5vO-yuDxJhUEX9KlbO6EBharH2X8O1Gqk-HYdazeZdn40YnkV8jE00P3UKXvfVf3eV4JQPx_gVPzxyVPdbh_-hOjpuwDJJZ-R7VU95odK2sJ8Usk_2zp0FRlYefmyLqSJ79nWzPZtQI-gR6NX20VrRSBHTU8_2kn-cpPrCLzzM221wGC8Yx9Yue0oQ2vfzz9_4oszjZFXsyMKWoBikvPb_dD-6ukGeA3bCQpUDe5nVNiE1TOJ4pXlVdNOv-8PIQYWXwhthIVg8cqm17qTCTeaUzu1x4v8Titi3XcW7rL3_ecaetQtL3mDUYugceAEwNo0xA9y63azH8W29D3zRT45Jv7QduO6h_RdKeU8i6W1fahKVsZ4pWnuDOIkGKdZ1X70_uvK20GhiaQDdPmt83J5NO57Cv2QUIz1JMLk--4576qhzfG2pzEe0yToE8c4961Gyicq-8z46db4L1kqKJIV6j0yN-mpKqcjZJfwK9jRlkFFIjADhcVP8fqyNctnT2Hc_u7hsJP2g2vq0cwZXOJ0ywCRKAyO2xbA28n5A7sBQ1biD_3lBBGkUYabL5dbWaxCvfljY0Nt4N3rp3W2rPKHl-XFhCe-H8Alvg_kJfLQydeFaEBa_Vumew7tywPpLUPlaATDXxcBsWc4AF3wfuf2Q77OQcSxMEFKCHqjfXT4cQHPsWByBp3COugX7qnfT_X-gs3lG83ChtBdGVWxo9yAMGOgz4RrE2rYEomT_155YYuAK8m_qWH2MfvixMWdJRGE9Jq2f4szO4907tmqQiCqxlllm572WxfiB7omKHcpAESUJDBaG8RTv2iFiPflSkUL8XRYhuYgPFalDN5Gh4hlasDrJNlkWdl6TIqMQIHFBCIIZY_o3gw0mA3jorN1fmrcE9o0rp2PSMUhhVILnq0hTie08bzSRlcTfu1KQT4ZhnjxBpvwezpqOxnIGQkS61B7B9ZU-gZIs8I5g8YP_DzSrgskmTJQZqqTIxZUw1JfnVDMPncFr9wJU5JC5BknTE3ORVjS9UW3ieUI134vHfEuEqgwlWjIpBMq4BB5ZmwhHGk2DlrT6HA0buYNHgNfarijKTN--bjvYhxnhy2isZt48206gEKvpQ6zlb0f1-TyVEScSTejXJH0GH3vXQppCAfGlAm1TQjuyIC2S-HzHPng-PAbZe7idWWxPmMICQQaNzCqYcLQYKJ4gJY7EPdRwl5imfdfKCy1kBNkhrzgTFEf8TM6cw-Y-UZDjEvFqGX1wKcGxS8JdUU9HFfI6f0bmY-1c0SuCbCS5RqSpcLTt_jceRVIpTMD9KkjZDXTZp5T2-A9KuXvRwyy2G-60hhMD-7KZiMpBtsEPjIn-iu1l2By_AJWpEA_8NDU2-EPPkzj5_6LvDFohJM-onLN5poNlNIB5QQ1X5DphrsiVx7mhC_8nZYZOYly2jNXFQupC3gcJuFMZr8F6tynpnoTtHtmRv8cM9vEhlJo9WUxtMvusfIJM-lwJF65c5QM8e8qiXqDCUbU59OP1FIeQuTgGEx6VeImbG8FMbwEyL-oDohsJ7VHwlsLqJqZLPctY0d5QwzVFnBhEW_ijrGYgvobQAffQrsVFioec7e7OY3zYKEuhSR2741b-byUhwTgWLG1LJ4nw1Hjn6ZMgE5YsdIu7FhlB8MXo_NbhcmrOGJK7FvQ7wuH47Id8bw76zOUBRWwYablE1Fa1ylj4t-LPKGQsXCeXu2OVhxidOF-6wL-m2QFKuCI10gcDMsh89aVaCUisbgw6aCzdv-Azt-8cPKJnAo1UmvqDDaCtWi_mvt5NxM8ShuJ0IHBQpteSZHsXFJjG-lFWiCkCy3iUDwUIOlDk-LcOKdePk7ISs1Xnj7cMV7fDDJnsQbjV8HKAbVdKPTjQfsiS_F0H4asaVRr7IbgWHoHN8eLEkjsyxXSowznLO15RYmDgbuKo9fsOoUcpJL6sBvKx4tjsbbO6GUcZjg4oZKT-U-74yws9m5gzrf8TUkLHa4KYmlSYO0JDHZjazhj8W4Kiunt7DD6mpylMnQHrHTTfje8fif1U8I_8smDI-TLQAIUAIMAs_R8V0nUY-l0W0x7xZXXYUEttU-WWOacuT7f3iuG008IpaccVZVDyEzao3XOU-f9FydOiCApWGeUQbcJhBLvLXgAqsmySJV-6TOy4zb8oD_JwvpY_AHPjmQwHBax_rTJ3D_7o2pi7vozMIOTbEzwDYoFrbV4lG6kOxfc9wYCAYiddFggMiEhUZFAdsQNpbmbaqrBYLOWXCsWZKK6rCggLny-20DxCoDoGKpIkKSExTjOb4FwZp292HfjVhqLG-RhixfhtMSggSUgqli8M0wD9XZQ8V2XNJE0TWj6vhECRKrf8NNldIi8tlH48RJiRDaTumzW70EgtlaaEAS5co46BGswPtHSRKjtjzHbPXOXs0KCrmBRmaWOSiGLwoKf7LY6Lon4xLA7KPTJ_jBXal8gyn8IKd7k2lTDcvwS9kL50ISEfKCRlS8J-AFw9kvWBhsPo6_peNbfRGw5MP9vyLgeF9xuxCbVyCDlrErUFgrCqhYG3dGqWJ-fP4q_r7HHs4vlP0B4nxqoNWO1iBvhpDFUVWeb8d7Zczu8CdUOHWslWNNzTTEMaFdJ3eGMRZg8L_YiLIteiTKdvaPp4iM2G4hpzMlbCLYjO3CHAEHyA7HjGA-0Za23Sc_ZMQWCEvtj4SWqAbuCLwaSxQ4OFHwq-NgMHBIdziT_tqVU1Tvre8_gTU4nm2W1u6om2NGAMhzTYOHAu_TEktjmr3CvC7xFZfxKLKd45_YAPG7mh__43dIhhGU6oAPJS_2wTtUC3FUueKrXk_iyeaeJo5egYaNJgtlT6MktwW8umDO0QgGP85mPAvqoTHs2tQR9MexwO7h8taVFN-2v9mRbM9obaljSTx0H1W8gr8inI&cid=CAASEuRoTDqSBTEEBFnbotPLTwu_EA&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:56:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 2813 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7QJxf4NMjD1NRUX4SAIODc9miMIIK2OkkYrBAf37Cq8bh9iBlbzww4UatgpQhlcOzNly3a_JNu0lLY_fbNrJEBES9wbhZNW0MIIkQI9gTRY29kjisDx3Z7glroQWRwP5GnG7sngQkMG_QoxI1ujWscnw5rw&dbm_d=AKAmf-Cu-BiRCtRBpZIrfzqJgYjOd5UXphy7BzW6qAUhZzThs_ujJ4MvFZx9_gJPApB4xqktb8PkYn_KMX4dE0lW1lBWi32iwENN-lChz7-R8fD5uoKZZa8mEcGclmYnjzYWoxO7jIRjQF_lyj29k8rIur7J2nY7X6aGjFK5LQ9s7Q2s-Z34GkfyQFWCY1WlW0WZB3nncFJ2TFXeCOMdR1nfmT1oWNcctiwD2We_M17SHYEF7TVfrtFGQdTNZfR9jwRmF-8rJvZuFhK11w5v4Tki3HDCWVLSeHS_pD2YAcGkkxQBxsZxDTHcRjzBUV8DEY24xe22H7UBKyI9VV9jen5vO-yuDxJhUEX9KlbO6EBharH2X8O1Gqk-HYdazeZdn40YnkV8jE00P3UKXvfVf3eV4JQPx_gVPzxyVPdbh_-hOjpuwDJJZ-R7VU95odK2sJ8Usk_2zp0FRlYefmyLqSJ79nWzPZtQI-gR6NX20VrRSBHTU8_2kn-cpPrCLzzM221wGC8Yx9Yue0oQ2vfzz9_4oszjZFXsyMKWoBikvPb_dD-6ukGeA3bCQpUDe5nVNiE1TOJ4pXlVdNOv-8PIQYWXwhthIVg8cqm17qTCTeaUzu1x4v8Titi3XcW7rL3_ecaetQtL3mDUYugceAEwNo0xA9y63azH8W29D3zRT45Jv7QduO6h_RdKeU8i6W1fahKVsZ4pWnuDOIkGKdZ1X70_uvK20GhiaQDdPmt83J5NO57Cv2QUIz1JMLk--4576qhzfG2pzEe0yToE8c4961Gyicq-8z46db4L1kqKJIV6j0yN-mpKqcjZJfwK9jRlkFFIjADhcVP8fqyNctnT2Hc_u7hsJP2g2vq0cwZXOJ0ywCRKAyO2xbA28n5A7sBQ1biD_3lBBGkUYabL5dbWaxCvfljY0Nt4N3rp3W2rPKHl-XFhCe-H8Alvg_kJfLQydeFaEBa_Vumew7tywPpLUPlaATDXxcBsWc4AF3wfuf2Q77OQcSxMEFKCHqjfXT4cQHPsWByBp3COugX7qnfT_X-gs3lG83ChtBdGVWxo9yAMGOgz4RrE2rYEomT_155YYuAK8m_qWH2MfvixMWdJRGE9Jq2f4szO4907tmqQiCqxlllm572WxfiB7omKHcpAESUJDBaG8RTv2iFiPflSkUL8XRYhuYgPFalDN5Gh4hlasDrJNlkWdl6TIqMQIHFBCIIZY_o3gw0mA3jorN1fmrcE9o0rp2PSMUhhVILnq0hTie08bzSRlcTfu1KQT4ZhnjxBpvwezpqOxnIGQkS61B7B9ZU-gZIs8I5g8YP_DzSrgskmTJQZqqTIxZUw1JfnVDMPncFr9wJU5JC5BknTE3ORVjS9UW3ieUI134vHfEuEqgwlWjIpBMq4BB5ZmwhHGk2DlrT6HA0buYNHgNfarijKTN--bjvYhxnhy2isZt48206gEKvpQ6zlb0f1-TyVEScSTejXJH0GH3vXQppCAfGlAm1TQjuyIC2S-HzHPng-PAbZe7idWWxPmMICQQaNzCqYcLQYKJ4gJY7EPdRwl5imfdfKCy1kBNkhrzgTFEf8TM6cw-Y-UZDjEvFqGX1wKcGxS8JdUU9HFfI6f0bmY-1c0SuCbCS5RqSpcLTt_jceRVIpTMD9KkjZDXTZp5T2-A9KuXvRwyy2G-60hhMD-7KZiMpBtsEPjIn-iu1l2By_AJWpEA_8NDU2-EPPkzj5_6LvDFohJM-onLN5poNlNIB5QQ1X5DphrsiVx7mhC_8nZYZOYly2jNXFQupC3gcJuFMZr8F6tynpnoTtHtmRv8cM9vEhlJo9WUxtMvusfIJM-lwJF65c5QM8e8qiXqDCUbU59OP1FIeQuTgGEx6VeImbG8FMbwEyL-oDohsJ7VHwlsLqJqZLPctY0d5QwzVFnBhEW_ijrGYgvobQAffQrsVFioec7e7OY3zYKEuhSR2741b-byUhwTgWLG1LJ4nw1Hjn6ZMgE5YsdIu7FhlB8MXo_NbhcmrOGJK7FvQ7wuH47Id8bw76zOUBRWwYablE1Fa1ylj4t-LPKGQsXCeXu2OVhxidOF-6wL-m2QFKuCI10gcDMsh89aVaCUisbgw6aCzdv-Azt-8cPKJnAo1UmvqDDaCtWi_mvt5NxM8ShuJ0IHBQpteSZHsXFJjG-lFWiCkCy3iUDwUIOlDk-LcOKdePk7ISs1Xnj7cMV7fDDJnsQbjV8HKAbVdKPTjQfsiS_F0H4asaVRr7IbgWHoHN8eLEkjsyxXSowznLO15RYmDgbuKo9fsOoUcpJL6sBvKx4tjsbbO6GUcZjg4oZKT-U-74yws9m5gzrf8TUkLHa4KYmlSYO0JDHZjazhj8W4Kiunt7DD6mpylMnQHrHTTfje8fif1U8I_8smDI-TLQAIUAIMAs_R8V0nUY-l0W0x7xZXXYUEttU-WWOacuT7f3iuG008IpaccVZVDyEzao3XOU-f9FydOiCApWGeUQbcJhBLvLXgAqsmySJV-6TOy4zb8oD_JwvpY_AHPjmQwHBax_rTJ3D_7o2pi7vozMIOTbEzwDYoFrbV4lG6kOxfc9wYCAYiddFggMiEhUZFAdsQNpbmbaqrBYLOWXCsWZKK6rCggLny-20DxCoDoGKpIkKSExTjOb4FwZp292HfjVhqLG-RhixfhtMSggSUgqli8M0wD9XZQ8V2XNJE0TWj6vhECRKrf8NNldIi8tlH48RJiRDaTumzW70EgtlaaEAS5co46BGswPtHSRKjtjzHbPXOXs0KCrmBRmaWOSiGLwoKf7LY6Lon4xLA7KPTJ_jBXal8gyn8IKd7k2lTDcvwS9kL50ISEfKCRlS8J-AFw9kvWBhsPo6_peNbfRGw5MP9vyLgeF9xuxCbVyCDlrErUFgrCqhYG3dGqWJ-fP4q_r7HHs4vlP0B4nxqoNWO1iBvhpDFUVWeb8d7Zczu8CdUOHWslWNNzTTEMaFdJ3eGMRZg8L_YiLIteiTKdvaPp4iM2G4hpzMlbCLYjO3CHAEHyA7HjGA-0Za23Sc_ZMQWCEvtj4SWqAbuCLwaSxQ4OFHwq-NgMHBIdziT_tqVU1Tvre8_gTU4nm2W1u6om2NGAMhzTYOHAu_TEktjmr3CvC7xFZfxKLKd45_YAPG7mh__43dIhhGU6oAPJS_2wTtUC3FUueKrXk_iyeaeJo5egYaNJgtlT6MktwW8umDO0QgGP85mPAvqoTHs2tQR9MexwO7h8taVFN-2v9mRbM9obaljSTx0H1W8gr8inI&cid=CAASEuRoTDqSBTEEBFnbotPLTwu_EA&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:07:07 GMT
montserrat-bold.ttf
cdn.haibunda.com/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/montserrat-bold.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-acac"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
accept-ranges
bytes
content-length
44204
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-light.ttf
cdn.haibunda.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/opensans-light.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-91d8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
accept-ranges
bytes
content-length
37336
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
me.html
connect.detik.com/token/ Frame 775F 		288 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.49.221.173 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-173-221-49-103.detik.com
Software
Tengine /
Resource Hash
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
connect.detik.com
:scheme
https
:path
/token/me.html?autoLogin=1&clientId=10166
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

server
Tengine
date
Thu, 14 Oct 2021 05:09:57 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Cookie
serverloc
dc4
content-encoding
gzip
banner
www.haibunda.com/api/ 		12 B
88 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api/banner
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
newsfeed1
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ
content-length
2
:path
/api/banner
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
newsfeed1
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish2
cf-ray
69de4c658cddfadc-DUS
x-xss-protection
'1;mode=block'
montserrat-semibold.ttf
cdn.haibunda.com/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/montserrat-semibold.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-af50"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
accept-ranges
bytes
content-length
44880
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
undefined
www.haibunda.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haibunda.com/undefined
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd1b5b7bfb1b567e8a82c1897270ab2a6a956db02c31bc583f3e04b88c027cd
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

:path
/undefined
pragma
no-cache
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
text/html; charset=UTF-8
s
fe-publish3
cf-ray
69de4c65fd42fadc-DUS
x-xss-protection
'1;mode=block'
view
googleads4.g.doubleclick.net/pcs/ Frame A34C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJW-kAO5bOdfbWWDOqAaMdlxjsNPQTFsVjQPlDzDTUhcM_6NlzjBlUcYy0u_odzYwkn1Ww2ALQn3Xh1j8fnJB-4xMl0Z7Ww_Ovyxnr7N0rp_wKaSjg7_TF4lCnuvjSYW8LTg_nn91k4VnUVqp0OOYv_0EgusCMvFpTuI3ldQN8nodaldnJ5R0hBiW-FTfv7SaKFpSUJIlJ259F53G6jk46tp5kn9kkX4cpoFaGvaRUMVTjTuRwjIKCjxN9moOIUZTMhZCvGCipUU0JW_qcyfAYrasdzAoW50NgKvucZpLuTjlxPw81AvuycdVqCrqSV411tNxWlz9TxkK1NpVdSCPZef1mHo6cYnL0LEKG6WNEqDYRG8stf_qJxYd_uKkZswCjKJ4j1CGjyTbttKQVvWBggCugdM6eIwRHWyC3wQIxsyVnKkFH5k5v3i4mtt21uFCN6BPbMdbJi14cEDRzdZbw2_oehqy-51K5Lv4hfnRaDcnLHarQi4NjIvviJwEw7RCkJVno09Nqio4Um5caa644rrfhrE2-MlYPYGsfy4UxtmyvZ2_rhJQt4366sUmQf2eiHROrpTg31IEXeOXz8If_9xTReNAn0SmvqLxHAYahcIBoYVOSQtUgcWhj9-eXl_8zYtHDwLG5EUtMPi7XYvybCiTpNODRnvAfdTsbxfWi_RIGexLLF7sJD7SwHF6OpJs7lQv5juGXR-cshIzKcGxJLRSnOYKmb2dSta9QkDKDuA8qtn0lXouL15lE36Pi95kvt52UXmjqjL1MD8asL-dNbJsZI9v3UmRXAFWQ6MrDgOh7p5MlSkGep8KAF0-YEN_X8Bm8voDjf2vt3em0p16Tjt88MVkFmlBTqONr01zGK8i00wYOo2R-hJLjldqKbh9m-cRfwzxJXUwg7wBN-rvLWJ-dOiFrYvL4L56HjUIEqsS1CmJum-khRlyh1ANWndNh5lrKpWm6OamaV9XEmnaFlOpWEkue0DR2aJ3amNvLWiPDj9xvARI-H0Qc7YBVtynn2MGS9jcafw900kSg0v5zI-oKtSwm-bp8VypM3Ar_ugISY4_AquJeiX_QxITpQZ9DUu76FIlXH-twqA_GOFAYUrjSIuSmxXorsXClRhJ4DXU0jhni1unNAKCf2h3xNWqBDktksf7iaISo9djIOG4l9-HwsXRN6XKV11oaSYO2zSMmSPnRegzGb6q2y-CrbWOed2boyHazdW-Xuav7AsY&sai=AMfl-YQZVo2Rte-y_4dR1vY3nnMy627uWJ5mqnCkSiYBlQRM_snzbq8Xx3okiPYYn845a5WGOPat6DW_QwkEcGjJmLC-z4xc31Htq5gBEYZRUxK4kPwtQstBvvwjUiJkZX996cQRQZkFyIb6koR6UaxMOGRWyJKsVw&sig=Cg0ArKJSzLhG3hG3eXUNEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=523&vt=11&dtpt=521&dett=2&cstd=1&cisv=r20211011.21767&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AArLEuzjsL9XIBBSWRjNAi1DHayZam5BKshVX_zoiVEMzf5i5y5gIRPK_zpAL01bxQqkSx2rU6kO9yg41raFqjhGJTfZTC4k4s4AXo13LFwkrVwI57ZWi7ubVF7gJyt7uM7eTvYziZpHulMLYICGbFSQGkEQ&dbm_d=AKAmf-DTJTbcVLj38VfeAZj-UzTBvntZiwrqUXdgCqSMvn7JcdEx5syFs-j2Kr9MgJlDBsyWNQiUVtMQMI67OTHvR9H4Puj_Zx8c8v5LbeyHcczPE0QOd_RfRm6l1wfJPB9v9q3-fietzQIlZ606E0E5d1-Nle_iTfB8WwP2h0zsjaxkeN3F8XoVwtmiAX7HCDB0Z_5SW6JdKqNod8lHa6hWQ8UEtT3B9keotXJyMf1Re27zCed3k4z5mBNOgroPU2dP5nlP8ZNxnK-mgHXnjHJFpgmm7qALoHNrr0woempyRNavbGFuGP7jO9sbm6oQaucf6boYv--NcE0I-OgtCVmRsF1nJSNzDXasWsv37zp-I1skQtv8zxmD3HfEY9AVQ5rmG9yC8jfsrV6-bNr-WSQWRAbkqGvqrVv_MYKHSGiF0FL0fJbQlRahb7g46Jh1ajQRjl6b67ZqRrYN2RbKa8KZgOJOR_8J5YI4ZV7ST2cfpuD7862JYl6RJaCzpG5oWblTpX2yu_dHpWn8FuIErNiNxu8Xqd2x8IWEVu3ZJB3dD2ywSwSMxN5qT7EIUcqwLmU4duE77-k66jkJ0gNF6JF57Bwn0CmJHru8-Aw0HTPFeFEzu78YdFV7OZ6A8xdGzuLBuMC20Kw2KtzYST7-HTCIYugQZkpspcWQiIL3cE9v4lG2zaq72iOMvb2cYn5Sn9SpzfkDR2JsPdquQGp_usoAjZmGrkJasHz5Y-C6_I27BcmRokC5bzhqYhgel5QBcmbJXJd4z-Sn1bt5YshNuGjT6UsmXZP7Sic6SuxhLildz48DFYa1CFxBj6nxcgmVSvcVFa7CtM-3MYTN_PIDJgDgMKnfh5Z83vH_LttaEhDbg8iRnrvsn7QzW3yYJHAt8DuI43twsPlEIR_0_kdTSNONAkp7lh3Dapg4VlFl1q9bHERHYwtKzd-XSiJIovuHpZ7VI-bh3jvsDt2HA6njPTJdMJl4B_1fo6Jo8drVgfKL6mQ_jQ1zXt5nXB2QW_7IqFkdTbKZvnRLm5DrHVh2MlO5Yln11w_FNLxNaANfAmwMoszYfQAtFWNSWHwm5ZByjunwlDzZsxJjnS7yJZmEhER6WpYn-BK27HWEkfxqQCVJBm4plehpJgTj7HppuvzflZsOvaMGsqmyNbL1MJtir-g5CsyVDgaUzCb892MRxDHsG2FbQfd4l2PBumNlBADykNEjTbAcDAutwnRMRHoI6FeRkWzbe9fkC_WztQBvlxtFwcd7pmdUt87F_WsfHli-_JxQ0z_3gLAiyh1zsblelzgj9bamnoW9t8f7pbcXNtir2a6t4qdVXPcMZDlUWgRz0Bt3UhP8_501aK3KQrqt1CsCN4TeEMhrxrBkm1IeuO5PJdfMFeasxlROB2r1bq8qfIvIHdJMU0GXdgWqyvgHm2zxRi9hhFFAf5d0mv1-uB-OY9rXz_jWEMdQpJYaQLkTFpM9mCdfULcJtsn1ZxZRX-5oCKEtUD1BuqDehEHOfgGFnA4bXCjqcQDTlg-KWHpLl3sh9J3R_BUGx1v7zU9LmWJ8XGAkKKmHQ2Uvml5-7TK4q4_WfBimQz3SdV-Ye_hmu4cEPMXoJwGYtx4Oj4GCMl0LzRA3acM41RTQdEB-BecHo8SDbBA6LjD_hjP2479PvqERYx4B2TGWrixnT8Prf6izwm5vuo_XZlWvI33mNunmUxt-9BbAx5Xs1LdNBaJh3ngCyfxhAlL8wLtYPoVYndsYEesU8CSg3YYaOg1ggkR060DBTmcvqarYGah3CgGPge1w1nqQ0AyNcIH3_7ypeClBkrvIWeUl7ZCi7eVNSVgQ2Wh2Z41ZaBUN7D8LodOpay6_dRPIEjyt6_tpU_49gLIrtt1VX-PUx88D5hRjKelDOGi18L4IJFWdtnVtNlgl-F_TinjxYfQNRNhRJ9WQVXD5QetoQxG5WmteOZXIyWroKHqmruhowesuNHXVAMuaEaFo2rgLow72kXMbz_bHRnIXEuZhUdIh3i2PHq9TuSbJL-4Ne4rSdWglJX7vdsFqUXeLeZa5g68t4R_M4OaAD64Yt_NnxxIWSYiQA3AZb-AQ0RYSJ_ib5RMAKNbaS0mlg0VgXtmYpa0MfyreZqaxEUIX6hOzBQGV-JNZSjuFYXU3G7TUorefd6iLwaDMhC8E63LaiIFyYUK0jHZ3eai5lloZdg2-O3Pv9TCxnSN3VYcbBvJ0sQCXOZvzrdLwknGfX2H26ftHLwb2uS5tGRlJfD88ili_vOgZj0EyROtasgc5fiJ958mUHul136hq0e7vQy3zINeMjIQJKvAXlvqRkV1ASJx5NImn4edMypYP01Hxzb6VbEiMGGxW6hPvo36OdIi77KUx54_uKzkozEpxZl-aUcR6UxFBiOM3K6bF4ra8026vPbXnxdZrpRG1icvRWg7VugEVfOUbNKuwQ1jIoIegU_JealY-fLiE996oN1LDfNENwSU--GnTa6Bxi5tmwMylCU3UXuuYEC8xmpCen2dixMkXmzDZafu2rh-b-x70X-W-D2NClAcK3GHebuUPILUe7F4l_-ESRDvHr_rtgGfk1fI0nWpbB5IueRxksZiJt39mjFVBPegn3ckzibbWHCmcpTpxkrBOVyOsfZhH7I5wJDrTEm4k-GkUXKGnfWe-ScjoaalyU6gbpV8JEEFeWgdE5QhMIgrurGDOeUKh4v-m338rxYjO3PKmHdZsK26o-zgesahs88b7WLP7vm1dbhzOsEP3kku_dOC3fforoQFq3MVd7onEQOwnldKgfoqMdgvYVh6B1xTd7TCb1lmS2ZGTI8AUS3c7_T9QfYrAVlP_A0rcFL9f2R7cIPH4kYoXikXJaY7Rw4X0xfu6mduxfnKdXsG04aW-JBEKPQ_ibOc1VkKp1TmadiM7sECzAkVvw7dnH2Ij09MzyA-62pBf41xHDX18mTWKZhJeQ1yMs9l719IJ-__qb-PZpeU_GQ5EzV-hpiCQlNWDGXef3U8mUNFUGx0cXyIyYcnAy8L6MMW51vW3WJpJ03av2RSUwvartW8rCJVY1tVfGIBEV5vM3Ew7HrskCp2K7Qn4mfmsSLYPwOkiYyWkHAQdQFnXN6P-rZTNo3kr4VCiMqXko32mnsb81kIoaASJ&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6bcadd65ddca5022b2642cee6f7144aa.jpg
images.detik.com/community/media/detikconnect/2021/5/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/5/10/6bcadd65ddca5022b2642cee6f7144aa.jpg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static14
cache-status
HIT
etag
W/"52e5ac4aac19a050a0f46335ed4c216fc4416462"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
6b9fd8d81a98f06906b9d2816204f542.jpeg
images.detik.com/community/media/detikconnect/2021/9/27/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/9/27/6b9fd8d81a98f06906b9d2816204f542.jpeg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static3
cache-status
HIT
etag
W/"e37ec18e2fd7a184acbfaf2b30891b7f28038966"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
86b1e3261456913bd43af15c131becee.png
images.detik.com/community/media/detikconnect/2021/7/28/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/7/28/86b1e3261456913bd43af15c131becee.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static1
cache-status
HIT
etag
W/"55b98ae6b531b04d3d48a89af72b82ee7bdfb38e"
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
a770264d95ec2894a075fe8d6ef92d13.jpeg
images.detik.com/community/media/detikconnect/2021/9/1/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/9/1/a770264d95ec2894a075fe8d6ef92d13.jpeg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"15915358813f060d7da914c8be5e093e829dd148"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
466dbe57f8e363aabd1a9b50a7c91dba.png
images.detik.com/community/media/detikconnect/2021/8/27/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/8/27/466dbe57f8e363aabd1a9b50a7c91dba.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static6
cache-status
HIT
etag
W/"854d875fc634f18d21b52184cb9a221e5f744288"
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
38a36b0c70b63b95a3647df21c9f1d7f.png
images.detik.com/community/media/detikconnect/2020/10/1/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2020/10/1/38a36b0c70b63b95a3647df21c9f1d7f.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static2
cache-status
HIT
etag
W/"3fca812151aa290461d41b4eb4f8765c63874370"
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
ed9c1e05b1011a2d613daffe3881570a.jpg
images.detik.com/community/media/detikconnect/2020/9/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2020/9/3/ed9c1e05b1011a2d613daffe3881570a.jpg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static11
cache-status
HIT
etag
W/"3d95b4a2e815081ac921a748f884904ef83e6c5d"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
62c4fd5303d433a0c16c7cfc99710ad4.blob
images.detik.com/community/media/detikconnect/2021/8/13/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/8/13/62c4fd5303d433a0c16c7cfc99710ad4.blob
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static10
cache-status
MISS
etag
W/"cd19d9d478b9d0482c921df7a91e5e41836d0163"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
5ad4b128bee190d5b762e7601bd40399.jpeg
images.detik.com/community/media/detikconnect/2019/6/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2019/6/10/5ad4b128bee190d5b762e7601bd40399.jpeg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static7
cache-status
HIT
etag
W/"070214d212805fb8cc87ade1b019c490e1fb8cff"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
b89e7a1fbe0b81ddbc520461da363466.png
images.detik.com/community/media/detikconnect/2021/6/14/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/2021/6/14/b89e7a1fbe0b81ddbc520461da363466.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
static7 /
Resource Hash
d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"77ece11e8745a3b41c3c2c4a913547a7d98d6539"
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
middle-cache
HIT
server
static7
expires
Thu, 31 Dec 2037 23:55:55 GMT
sd
us-u.openx.net/w/1.0/ Frame 338B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 338B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 338B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 14 Oct 2021 05:09:57 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 338B 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnoIxCA2vS7AhiEkpG1ATAB&v=APEucNUgYHj6sZUs9qSC3CD-Q4-O2HjSwW7qm9FxrewgSW2tKNYPWAo6B_IavlTKh25AGb9A9ASEIZq46Suv1Xe6NBeLQlyZxHVyewbb0VmGR2wd_w26EEUxP1h0l6EeoBejmqttQMA24VA3vZJFVmAtFOhU7UgxZonY3P0FgINvQSJAjV_Gw-k
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 14 Oct 2021 05:09:56 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 7C01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdjvaRy33ZdUWHrRzq8soA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C01
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM1ZWZkZmUtNTJiMy0yZDU5LWVjMjktMDgyZmZkMjNjNjFh
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 7C01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 14 Oct 2021 05:09:57 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEKfezMLXhhBckiKAhUWvYP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7C01 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNXwg2ttoC3_ebiXXIw4sUd5aS409MVGHAT_au4OnTBCduhzLIq2Fh49W_hb5jPl7_BU0cHuRxmrKaYaWIlunB8-Zzm4q4oA0GR_TGNGqUTwWwxFhvdycKWqanPQ-gouXRiF5XuyCcQovxYKkaTCSvNP9bvw0wDaemBlaR0TWH4HyruI730
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 14 Oct 2021 05:09:56 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 73E9 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Origin
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 11:05:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 73E9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVLdPOzFTTB6sf8aEPJc2gliaLWUtovRx_Xp6s19gT5I6bmbcU&d=CnkAoCZ_4KzSK-wvs2gf9F-z5KfUsGiilIPJuQgdsDB3iU0jr5k_miLXssB2cb2703djMLnor_3IKdVudvWslbglqfBMj2jrXr1gH7-sNxJ_ry08sEaYBBdNPE7pZLUx_NfMeOy8ySX-_lXxZyQIu-kIJ_pBjaZ7J-08EtkRAKAmf-D8tgDfLYstVAJw4ddhEnTddYq34aVj8zQPoavq3sQI35TDPZd4nHK7a-txpoICgiC5gDXlGbSkFRriYYfMUtI7hreg-NfUzQTZsITrTE7D7mAF_tg2z0U7xrv4w-2XGn4Pkb7AaJB5qKc3GHlY2T18l4HzPSbamWMURucFTkABXLWvEXILCYfQtlHenznuXYWbkR6S8msq-QJx4FGDaRakQK29gYQCQrw98So6z_uFHE_8QVqTwaAiRcmQHSduNVqDW7haYXUU7yttrpbMU4kSSmSoxed1-tNSf0Zkpgok29uh6B-0K2WgXop5H9tlvOZRJT7Or8UpS_hi2o1ev5Yy_3geTGhXn-GLpoSj91iA0eAeE_Hcvne2UyVy9dKc_bnyLepm-nayXxmIYRdMSOA-4wfJdTmMwCunz7rvTfUzq3aqpWdcj0l-M5FzQEdxSpjCqtjcsbuErh8oVLQ4egZGlzgDJjrL9d5A5VVaWGbI332dlS8y1vGxEUPY93h1nlXdorUBdRiL443pDT-HPvgH4TarxMMZSx855NjF2Nz5_hgiePHgmQouOZO1soI5GvfAjQ4kXnEeEbcNXr7fTsAhErDTmA_HYVOXeyQJ2PVuN_kqOxtH34eoVY4pPQPaPXj1DTxnfG9m8JQ5WFSKexYzXr0MgaS83Ka-9_iSjePzG1Rid2-ID_grc0mNg23RcW0AVYarZZGy73hLK3qNCglC-2JrG88JQ3HzRm2pwW0ENR5r0l9MCHEFMGpcw19IlBDnOWIR-AcLSyCDpzU9xq2IS2VZ2kf_7tHDdsD7MixodG-mxMEsRrZ4yLB_I3b0jgUoSLjrg2kZ0NBvwkI3rAWyAeUAglX-W03FtmzGyIOqHz0FVmyA75_xOONDvL2yZs7lvRM6IpstN69XOk-vyDUmDj07CQhfWzLAu6cspi0SFX0fyv_V3c2T_j2hZNj18aHXvjINNItL0XCLk1tU1J51xd4HXGoghxhExg9caHe3jNPBNTbj27kZVWvd51CLEMUjtjw7wLMFakjr8jtidiRoKX7YXfRq6wKVc8Uy-ow45g3QkuFNuEzxX6y6L974UvP3sV83CkMqyfRQSaKCl9semDTtBTjBShAnL5NnAve4QhyanW4yYdmu0-EF2ggE-9pK1hvjxcRyXrsMZyw4wloo5L1oFk3CT_yEiK_tgTw563QE55g6go603zYVf0sH3_xmohBghcD8Gmb0tgCSoEZG5ygAJu_PrWsjyxAh2VDp8eMzdWBdr8yKUAfnPAuj8-IyQ9D455etTYes_IHoV32LnjAo9mhybzI7YtNLN1so--JkmvJt9RgHqh9IuFRJP3aRWNlrVfRVvHoRbvrGxal8yn-V_UeD1z-9rs-0QShL1s69j5LjQA9ctSE7vl5ivzUckeHExkEzag0fs4p_mHw6r33P3Gf7nLQ1tCU1uAlfWjKFDvD8vV-gBTKzCFoCmq8nSPV_3WLZyiWrhKQ-_tHX4FRHVUYGVY_Pp6L-xfViAJWCMLmin9ZlZ2_paEd11HgwSejrm4d41aqwKz7CtX_QyzBUUwKXCm0AErPHnnZL_wswFnRR2Fwf-f9NGQMvhGNTnePxIBHI9QWr0l84eRi1YmVJtViM8Ts6k-fVaVr4TfgOigLhPuX3pY5QQ8NPcMBgxIzoUZd9gbIS7sTF9ciG8FBPPp8orq2R7ORV73dbSvttrPFhLlW1aCy0CJgIHFybtSl590I-EnydDwghORBSRXPzebCCXgSXQ1mh_M3fzor237ws6Embf5atkIt-lNbxLxTU9UcZGfJoEgmEjjnLPf3HhQ4V0dhjTzDgtnB1BQB-1xg6JNlGbgCmHEb4-HLaAS9XgEFoq4NawWcfYR48NddpjcarP2Dxu6c-IRO0K5dUVZdRBv6wPW_S2OUAY9CCVEky6DeD0y88qYIYd-SLW4hj-MhHDgx0Y7Tl4ENAzbezKeXR2WlwzZGCwnJJ8GW-Nm5nh9hKIeewaqd-7a7qLvoBQFQDB5Eup5fUpJukdByNUQ6IureESlORx-9oaODPn8B-CopYnVRK2HoswRvoXib2Oemoe-KbA1VlX67dhBAAzI_hxd8eR7Yn2E3eYOPjD-JWweSfhp99kRwzf8Y4BNdy3doPTQPBR_OBbLwe2yoGsAkydXYsrvOKNOC90b5YFWDz_PZVZ2OfEJLCI1ptRO1nXYvGM6A62KXYkzmTKzrYgLSB3MCS047LB40VSx9flkF9BG6wCeSVO_VtK1yIRTwZlq0hiz1ROW2nUbrQpDwDi26IFrB9uhpzowiHVS3HYsqYGS7PiIRlFkbpHzDMwooDlzX51wlpm4v5XLj_dMtrkOEOdnRieh4CxNaGq3ttLGUTqTJI72MtOuEBY509X3e0CPU8I_vsts4OOwfAMIZFyyVcxgD5eiJ967NVauS5WO9HecIw1p6ODjErZk2IiPa9-rlm6Hs_kALA25L877PluqdXkDIbddn5nSQwkHXkY70FHTd52FVGzRj2pAcQxW4DgIZKO_156q52HTVCbzaKJCCjXCy6IN_tIJ7pYBjjV2UCndu1uScXe9zYR8GqiBrNV-v5l0qCfOnXUBduLGlH32p7LptlB_FckLpC1W41UfU1vLRkA4Ly1Gb-q6lglGvmX6cskROjUua2dOyhi-ZHF9yFLQGvu_r_Tg7tftLZUE1CyMGklbdqOrimaPu4KsaMna7-ttIvLMNQhGeuMzxLLqM63kbYxODkpXXN5q5Pmhe1CWeZU-jwqzaVPZTBntg2Nu5-q7VG1_B0nvdWyVRYBbhmZmHTjEbq50Rg45wknpgal4ByGrNpDpaLo4ZG32EV7aYDjIKwcrOTU3SrikWUkKRUfMpGWGVhsPlveIcyOlRyJUCa-ts2ZO_QfvWGx52SZNCIlw9eWIcSR3yxowlyT_12pykufVXpbIHbvN5PpN1mqpFueBJf8ad7vBuZFd_ujhHV9ikmyQh5v8dUYpznZrjRruv23eDbKrxog51UvdLqGhYIABIS5GjSmoUOHH6WdGQJRR5mQAIBYAE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:56:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 73E9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVLdPOzFTTB6sf8aEPJc2gliaLWUtovRx_Xp6s19gT5I6bmbcU&d=CnkAoCZ_4KzSK-wvs2gf9F-z5KfUsGiilIPJuQgdsDB3iU0jr5k_miLXssB2cb2703djMLnor_3IKdVudvWslbglqfBMj2jrXr1gH7-sNxJ_ry08sEaYBBdNPE7pZLUx_NfMeOy8ySX-_lXxZyQIu-kIJ_pBjaZ7J-08EtkRAKAmf-D8tgDfLYstVAJw4ddhEnTddYq34aVj8zQPoavq3sQI35TDPZd4nHK7a-txpoICgiC5gDXlGbSkFRriYYfMUtI7hreg-NfUzQTZsITrTE7D7mAF_tg2z0U7xrv4w-2XGn4Pkb7AaJB5qKc3GHlY2T18l4HzPSbamWMURucFTkABXLWvEXILCYfQtlHenznuXYWbkR6S8msq-QJx4FGDaRakQK29gYQCQrw98So6z_uFHE_8QVqTwaAiRcmQHSduNVqDW7haYXUU7yttrpbMU4kSSmSoxed1-tNSf0Zkpgok29uh6B-0K2WgXop5H9tlvOZRJT7Or8UpS_hi2o1ev5Yy_3geTGhXn-GLpoSj91iA0eAeE_Hcvne2UyVy9dKc_bnyLepm-nayXxmIYRdMSOA-4wfJdTmMwCunz7rvTfUzq3aqpWdcj0l-M5FzQEdxSpjCqtjcsbuErh8oVLQ4egZGlzgDJjrL9d5A5VVaWGbI332dlS8y1vGxEUPY93h1nlXdorUBdRiL443pDT-HPvgH4TarxMMZSx855NjF2Nz5_hgiePHgmQouOZO1soI5GvfAjQ4kXnEeEbcNXr7fTsAhErDTmA_HYVOXeyQJ2PVuN_kqOxtH34eoVY4pPQPaPXj1DTxnfG9m8JQ5WFSKexYzXr0MgaS83Ka-9_iSjePzG1Rid2-ID_grc0mNg23RcW0AVYarZZGy73hLK3qNCglC-2JrG88JQ3HzRm2pwW0ENR5r0l9MCHEFMGpcw19IlBDnOWIR-AcLSyCDpzU9xq2IS2VZ2kf_7tHDdsD7MixodG-mxMEsRrZ4yLB_I3b0jgUoSLjrg2kZ0NBvwkI3rAWyAeUAglX-W03FtmzGyIOqHz0FVmyA75_xOONDvL2yZs7lvRM6IpstN69XOk-vyDUmDj07CQhfWzLAu6cspi0SFX0fyv_V3c2T_j2hZNj18aHXvjINNItL0XCLk1tU1J51xd4HXGoghxhExg9caHe3jNPBNTbj27kZVWvd51CLEMUjtjw7wLMFakjr8jtidiRoKX7YXfRq6wKVc8Uy-ow45g3QkuFNuEzxX6y6L974UvP3sV83CkMqyfRQSaKCl9semDTtBTjBShAnL5NnAve4QhyanW4yYdmu0-EF2ggE-9pK1hvjxcRyXrsMZyw4wloo5L1oFk3CT_yEiK_tgTw563QE55g6go603zYVf0sH3_xmohBghcD8Gmb0tgCSoEZG5ygAJu_PrWsjyxAh2VDp8eMzdWBdr8yKUAfnPAuj8-IyQ9D455etTYes_IHoV32LnjAo9mhybzI7YtNLN1so--JkmvJt9RgHqh9IuFRJP3aRWNlrVfRVvHoRbvrGxal8yn-V_UeD1z-9rs-0QShL1s69j5LjQA9ctSE7vl5ivzUckeHExkEzag0fs4p_mHw6r33P3Gf7nLQ1tCU1uAlfWjKFDvD8vV-gBTKzCFoCmq8nSPV_3WLZyiWrhKQ-_tHX4FRHVUYGVY_Pp6L-xfViAJWCMLmin9ZlZ2_paEd11HgwSejrm4d41aqwKz7CtX_QyzBUUwKXCm0AErPHnnZL_wswFnRR2Fwf-f9NGQMvhGNTnePxIBHI9QWr0l84eRi1YmVJtViM8Ts6k-fVaVr4TfgOigLhPuX3pY5QQ8NPcMBgxIzoUZd9gbIS7sTF9ciG8FBPPp8orq2R7ORV73dbSvttrPFhLlW1aCy0CJgIHFybtSl590I-EnydDwghORBSRXPzebCCXgSXQ1mh_M3fzor237ws6Embf5atkIt-lNbxLxTU9UcZGfJoEgmEjjnLPf3HhQ4V0dhjTzDgtnB1BQB-1xg6JNlGbgCmHEb4-HLaAS9XgEFoq4NawWcfYR48NddpjcarP2Dxu6c-IRO0K5dUVZdRBv6wPW_S2OUAY9CCVEky6DeD0y88qYIYd-SLW4hj-MhHDgx0Y7Tl4ENAzbezKeXR2WlwzZGCwnJJ8GW-Nm5nh9hKIeewaqd-7a7qLvoBQFQDB5Eup5fUpJukdByNUQ6IureESlORx-9oaODPn8B-CopYnVRK2HoswRvoXib2Oemoe-KbA1VlX67dhBAAzI_hxd8eR7Yn2E3eYOPjD-JWweSfhp99kRwzf8Y4BNdy3doPTQPBR_OBbLwe2yoGsAkydXYsrvOKNOC90b5YFWDz_PZVZ2OfEJLCI1ptRO1nXYvGM6A62KXYkzmTKzrYgLSB3MCS047LB40VSx9flkF9BG6wCeSVO_VtK1yIRTwZlq0hiz1ROW2nUbrQpDwDi26IFrB9uhpzowiHVS3HYsqYGS7PiIRlFkbpHzDMwooDlzX51wlpm4v5XLj_dMtrkOEOdnRieh4CxNaGq3ttLGUTqTJI72MtOuEBY509X3e0CPU8I_vsts4OOwfAMIZFyyVcxgD5eiJ967NVauS5WO9HecIw1p6ODjErZk2IiPa9-rlm6Hs_kALA25L877PluqdXkDIbddn5nSQwkHXkY70FHTd52FVGzRj2pAcQxW4DgIZKO_156q52HTVCbzaKJCCjXCy6IN_tIJ7pYBjjV2UCndu1uScXe9zYR8GqiBrNV-v5l0qCfOnXUBduLGlH32p7LptlB_FckLpC1W41UfU1vLRkA4Ly1Gb-q6lglGvmX6cskROjUua2dOyhi-ZHF9yFLQGvu_r_Tg7tftLZUE1CyMGklbdqOrimaPu4KsaMna7-ttIvLMNQhGeuMzxLLqM63kbYxODkpXXN5q5Pmhe1CWeZU-jwqzaVPZTBntg2Nu5-q7VG1_B0nvdWyVRYBbhmZmHTjEbq50Rg45wknpgal4ByGrNpDpaLo4ZG32EV7aYDjIKwcrOTU3SrikWUkKRUfMpGWGVhsPlveIcyOlRyJUCa-ts2ZO_QfvWGx52SZNCIlw9eWIcSR3yxowlyT_12pykufVXpbIHbvN5PpN1mqpFueBJf8ad7vBuZFd_ujhHV9ikmyQh5v8dUYpznZrjRruv23eDbKrxog51UvdLqGhYIABIS5GjSmoUOHH6WdGQJRR5mQAIBYAE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:07:07 GMT
AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oP071mY0cM7lcmpUPsAIyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oP071mY0cM7lcmpUPsAIyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-oP071mY0cM7lcmpUPsAIyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oP071mY0cM7lcmpUPsAIyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA16 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 05:09:56 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D45D 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CY0PP0qNzDr0ClI4fLKQCv0iMe8LRDycLVxkRl63MBZYRVEOqHbtqa3mQi1K4JuRNPoLfV_BrAYgJM-QTEDerIeqOHWmbMBL-pgHvJPYx31HBAUJ1fbDe7b9Ub0rcc6KLEngN1yjf9B3--i253SBuGZ1uABQ&cry=1&dbm_d=AKAmf-Crat9n5_OkZEu7NgS_Lh91_l6rOe1J5QqN9mQH01C4YwnYUd87iSUjof6hrbNKX-SfF5XgwRMu-BDe-kGHBSg6iGZqvFjK05Uhpe_kG1OE2q-7IE9seQCFQaDOJxDWI70d6c7dGawVFPVrZVNChPnPwrplSY8SWIs1_jwcHsiSja3rX7g9I0FlP4qcGQ-yqv9DDzgd9mE_eHfGqDSul2_W08f9q-JkckqFbSeHku6TWUJVdqdmlS5QJDg6KJWi4IPDlf7_0e11h4e9D4978hP-9StjYyUfTgzUslVmL8fCfCKQXxA03sAEM4_uu0WsNrIMaNLHRa1TQaM5tNgVVsJMw2PNtDChjs34MCOyf9dVijDtJvgaH42Suez0IT2QtiMasQSikHPPRdsgeSZtmJoyjA_XXg0KCJuTxEDMiuduKpArRvf-ELUcgwAR4H2FQZpRQFeZcCiceZt-sp8CE5IfnC0lNASdkm6h5smkICaRZvnTrvknezAZFzB9EZx-T6ybYsYjuGkVssHAwMgoajWhShtla9JsQJq05biymqypo5MlQAoWQ2CMI1PbGZ3A6LQWxz4VTfbAEij0VtvogGmkbwsblIUq3XD0q4EwQve0C13dZ-5u4iX2EM3DtoyV23xo8yfBLZ2BqA07K1goCGB8D5W3z6-X9L9kyigGH2dC_w-8i0iORTC-zMnN5y_WVnALqu8fpv8WS_vVBpUtj0uK9-yTxowsfw1Vsqk5DY8ztVheDrl6Y0Q5bIwObLCJVNQarGBqbcQk1QINgHFZNtGubaSaKHaQMyZ_kXoFYT_s3WhEBE1YTaYKJ23Y7nRTARQkeTcUqI5GU7pKBWXXxA46EwDHH8u4ebm7HdjNhx2_Zvz1wvztI6BjBmCIWdWLVuODdqS9wperBwOMMiifJ-usCQMmLUlwXFBKBoq3L6wlh6Ld6-ieOFz2-iUFVkCygf4DE09qcuNXAzkZTfcZ3jWHde42OyOwF5ImMDWU-yZlmjQE4lcXguyipORznzxTrsUICU4CRFMjOFNBMOZCu183YUUm5ULy-YYTmWdthvEHfkJuRkGNeCBOXy2V2HC9fDFs575MuC5gHZsOKdSqcRH4G258iy8wR4RpVh2QXF9ePE6jLDa4ia37XvpVNxTVbtbRZ1f4wwZhK8VXMElEkxex1FxstvR189mrji7vb77Yxt3iPrATTcHg-yV1zK4O8-kMgfP3W9P2NqlszhFj3PaZkHoKVoA9SBx8GahM_rG-g5ZAJ4IYCoA_mL_X8J_Ag99lS7U72xcdz2rehBRmRCDVtaSPqAh1e9UolJliNVakmUQHqZ2HQrsyqnGMKJkpR_1AeUjlvA_zHP99e-FrxZVIx0-9dVJAD6BihDUqIMkZw4ZdQgjjoTf56kMdqh8qVinf-vShkZQnSmp1qk1TsJXzAthlyZJJnbXuuJnjeNiR7KSpliCfRd9O7gnmgDWmHreAtdzA1_VtQupwR1yUBWA0N2iFA5kNh-aveEso5vdiv_9FDFs5I3KAtM41fyqy4bKdijk2B9x6TbcvKUx6YtuTH_ETV-1PyvBq7mVAGL2hQe2m_49nc20ewVzx_z53aUgHLastnHppiIxT3xw7iQhJjJqqhRdJ9xHQCYXLhHXaTK2UqON3JjwNefOvVAYYeq8LmRyBdPIRr1acD5KuS9nXTVmmIoyEaDh2k9ZKF8qxvLyICG9HEJLsnuz4RFzre5Ah4P0LyqiN3Pe0czH3dcBE14Bmu6ApIsEmXfUzvXushBG47Qv-rbMZpz_Zb5--QO-Zffb08LcTJ85EsPoS8ABZSXhRxZtJ39EewjB3yIniidASaOnT8FncvWE8q88rbOsgn0gpK_mVFQPEwJClt_r7GRM-2fMVogQ01bERs54ZQx6X2TCIpCGLeZAmB2xggE8iIOuNw_YHfsqd839wpkMvmzvdfP-1YlttSxuJ0wjgWeNkMI7pHBTHf1VCN8rPP1XHfiACefc0aaXXwd4NXojZCzqRhjwFlVhdVKw1SidCEa2U6ZBKlyqMZ1fblvlsIYInBPEsUbU53w0U19pU4B5lqpxTegc3GmiN3kkShQ748cigktzi6WGKH9QxrFNiO6JQfNphoaQ7Unn6ZiPkyzgaVi3hLy3QnS-d2g7LKj6zAzGEpZqe3Z4t66yTQ-x1vmVHMxHIOfIQwPifDNHK2mhHto__bQMV5woTmAwMnQsKfGTSXeKXpfVMKmNywEe83GmWCpz6N9f2xoe_Vao_eCXpu9tUAMtwNfV35xxXXxy_-cSxEXeEKmpOUAknrFGVLnYLiG5a4_3sjZrkrHNHflOA8YJsce2NpS8krhZixqnRs6K07sOhEoJXyrx3CKmDxbaRJdMLWOIofDNmRpo-HNYWqXPk3RggIayjWJy2dldrEAhN7qTuZMIXjNUuz7IC5lMGgDZ4CNlBBtvYYhfGtCp_C5dZ4B8Wzlpb0LTCD6l0pMJ7T7MHaCN13dqDTx6wjZAbo6X_KbLTKVw7T6pobfKYMQBR2YsOHGrgd0P26TbEhuPUkhcYbuicVyv7ZIATIYZQx9dMGuNueSWlBPvA4i78I8RBbuSAyk30wEQitNKCRc_6MhBOOx68_-eojkiDD71X3bnBMivJcrZ3Un_G35f8KySwWMZBxIZSA8AvbjsbmwUkDqSxpHsyvyyeLIUwyQetZZDiTbaAPRXcMuxewdqtqt9_0rCbt92J7KzGCk0oCj4WqB2pE-ItXNPuBwkekWXZ5GEerbTIicfzjujN-dIrIyFUEkQVr49K3Hgq-MRApnT38M1SdaGP-4weHyxUn25U8nmbbDDGlEenl7KRtTAwlv8cfUeSxl99DlxJ_b8lOFQo6wYfc0-iryElkac9mPCS9iIPDrDD2cCzQbKinwikDY9JfVIYlhF4KP8O4aOCTooWVxQVcpYx-2ISTo23uZbiwPGxrnmX2Yv-e1xa8lI8_LEzP4F_ynTFLdCfrCE5ot_xcl8Bp_hmSq6M1qtKiQyYUqK141HWtuAsQid1ql-teHeauf0v3Hute-kmUeprQMV0XVjQmwZamC-SJp5gl4f0HF8dhOfeFzobcKen1wngEcp0cGPSyslCJGwGP-4x91s_ggXGd4tzSVf8z3ix92hQdk1c&cid=CAASEuRoyngnn4gHPJOhHU8rfCsxDw&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bca2e82998f0b395c63b3f1f967aec6488c57227320aa36b20e2d0caf5696239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D45D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DF8X_JJqACg3foMCgspwSbly1I0vcNIECoJSW1gyGpoardzrD3Zfw9a1ch5CdbpEYZG9xEkbJs8N3l1jlXcrsFz5BSJDvhf2rr728-5JAtGaA77S8
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame D45D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4403
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 16:41:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:42:10 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/787359/56365162/ Frame D45D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/787359/56365162/skeleton.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.16.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-16-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f3c849d552d34dff3a933974de7971aa7a9ce58f4cfd09ff5913db755ea98caa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D45D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:01:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D45D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:30:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D45D 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:09:56 GMT
settings
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/ 		393 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/settings
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69de4c66998d21b7-DUS
date
Thu, 14 Oct 2021 05:09:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=300
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
gzip
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 54AA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 13 Oct 2021 11:05:49 GMT
expires
Thu, 13 Oct 2022 11:05:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-33xL09IVce+erx5nlTBGRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-33xL09IVce+erx5nlTBGRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-33xL09IVce+erx5nlTBGRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-33xL09IVce+erx5nlTBGRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVHnMuK2mEezmJ72OaO95RnJV3BA7iV7Ia2e4lC6jg6USp-Ui5NsyEONXJc90egGe_rJsvoMrMoL7VqRkQIO7QELxthvCSdiS5J1evaNI5MYHa3y-eBahsp5_JgPvUW9FRGTl-ofIlRTgYKcnnE1DJhFYaCEY7VLfl-uCJR7EPzmcDSnkKQ3Xby4nqr
fundingchoicesmessages.google.com/f/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVHnMuK2mEezmJ72OaO95RnJV3BA7iV7Ia2e4lC6jg6USp-Ui5NsyEONXJc90egGe_rJsvoMrMoL7VqRkQIO7QELxthvCSdiS5J1evaNI5MYHa3y-eBahsp5_JgPvUW9FRGTl-ofIlRTgYKcnnE1DJhFYaCEY7VLfl-uCJR7EPzmcDSnkKQ3Xby4nqr?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MTg4MTk2LDg0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e6ef5a4360d3d730d8eb5b1d71006a6d8c050e0f8f329b5ed01e47d51a4cbb6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fdV1o2OhSjElfh5MsSjOYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fdV1o2OhSjElfh5MsSjOYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fdV1o2OhSjElfh5MsSjOYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fdV1o2OhSjElfh5MsSjOYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWlvP6OC8KOD0P9-j0VwrJleD7ql3M_1AweyuBQZrGjS9Ww4OJ0usckKK8QQd5vtg7y7kAOyvYUN7W54l4txkQNV3LFV4YnOu0GTb0WEM-XFA9-6rBSJ284K_jGLh6OHIrN_BdcuTfFdsvagq7KWerF7Psz5CDeW0gbvL7DsxzKOZTswGIMoz2MBZE_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D9xZh981oaxq45wurJdXYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-D9xZh981oaxq45wurJdXYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:56 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D9xZh981oaxq45wurJdXYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-D9xZh981oaxq45wurJdXYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 7C4F 		128 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
df324cf99cbc625fa43f78407ff343a898086a912141da1396ba334a42d2774c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:57 GMT
expires
Fri, 14 Oct 2022 05:09:57 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Jun 2021 10:59:47 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2813 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcUxeGozNY5D2AjvvogsAkfQll-vmhXqsRFURhY43wU4e4SPorXMqWkZuZrdk4wRGLuwEXmFLdsroVxAyE-2geAvjAERHPaYOsYM4uwsFp9dLW-Vm5h3omCHXqlD5kNpQ2Y9FyeF5ZBBRQu2Y0jogmLzHOyEPp0gIPcAfxd0-_kXn2AF6DDNrdsOfNv65w4D9jdIxWdoJh0sJsyrKsCmBu0zFlEYbidCTOnNUJRg0fWORj72pBOAxuthfpvHdTx-DIVQYeppRR5rJg73cKFvhWhDp2RS0NmEsyFUmJ9f9jNciWEN81md_sR1rWJflz5_s-Echyljg3r4Lz39x_q4Yl621_JyrBKiX2buydCU9X_llUGeXHW4VLDZ33xLQTceX1UJHiT5uSN-cajeZM20qDh0lHizOpUOXsLh1cVMxvehSm3BoMu8vwq2N2fxesq9UXPXAdL09ATMNU-LnH0So5TxUPCUgh7Txp5hduY5tzqyLDbVIWkAyJJbvBAQKvnjAzY8Ask437N93qWod9Pnjuda0YnwDGvaF6hnxr7MEoG8mHhxU8YJdUHG7j6xnXAyd6Y6MmU7denMcs4aPU6UoPoc_URDAH9DBjet2cflzVJ60XdmkuZburhvv8iDq_Wg6kEtuwGFFUhnbHcC_nPgIAp0jX_65YDndGq9J02LDQCBda8PIfAccpt6zSlhtMzIY1x11p0NdBStoX8X_9GRnOd4eEa705osTUYLWeE9QeaH7iXJGrCdXjf_jQwgiitXTLkdB0uCkF_ZtqiPBiYttK8TlSpqI9GRZgwlyCJD81Nr8aOAXNAG8ihZ9f_gLQXLvOJLBB8uMaR-mIeLBgFSDpDF26dF-iTOX_nFg5Yl5xJKDY6I8S8iPH4RXjQFnYxNcvJL5G5Ww1Qq_z-2IRQkSsWgmRpYJsDl_ZGeBgF9T_1mXWcneNAiSHcpnVRQkvGKfFskK316j3OHHGwGTKZYvYZFVOPMfgVvFg0BjC09B5qKL_6K-4khk6lASuGrdtXTyU9lCALO3npgk5SR4Z6dHyELZdh2I4TKTOJptoraobkIZtLbPSyYPgAzcCCpz6RdIzS6HrxbAeIT854JEky5f2KDQP4iXhl8ukjckm59s1Zu39fCso7shZUgi6-hsrW9WopOUoqW0HBcRlV0P-9TuC9s840txnJYRvOov53nB3NNdMkxId8r2pvzhhC91ISSOPwSs0ZaPnOkXBa0HFCBWJcg&sai=AMfl-YTjA2KFYIdc973nmY0w9_emZ4mYP6rYNlGArjZnZC6zDY1LAfc7xOkFo9vh9UGCo2b7BmBhKIW6cnk-M_OVhaeGc8sV5QTwWH2VnBQsQm9_MWhQ5eYDYa2-BCqyJZ8J-3JwTNKaw5mI6W8SHCNa9hYCkGF1Xg&sig=Cg0ArKJSzPx0_N4Ip0nEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=274&cisv=r20211011.67965&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 14 Oct 2021 05:09:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bayi-menangis_43.jpeg
akcdn.detik.net.id/visual/2021/06/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/06/10/bayi-menangis_43.jpeg?w=360&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
9db0bdf54d9e2a1a6399d0ce08e21871f4a030e452364f98be7078c140601cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"4b02f540a5137ce038bf61977e020a0bc3cef54d"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
kehamilan_43.jpeg
akcdn.detik.net.id/visual/2020/12/22/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2020/12/22/kehamilan_43.jpeg?w=360&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
9522a675df401dee461e5cc1e6db60342da8747a0335442f862f45a75e4dce19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"be447ceabd01940cd418ecad07ddc42fe5cc964f"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
ilustrasi-pasangan-1_43.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/ilustrasi-pasangan-1_43.jpeg?w=360&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
7028fee6a765b09d3d7fe0ab196f0f12197bdc667135aaf7a76271ec62939ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static7
cache-status
HIT
etag
W/"71172e4db9529f92406ab0aed2612b633c283e66"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 		11 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=1800
strict-transport-security
max-age=0; includeSubDomains; preload
accept-ranges
bytes
cf-ray
69de4c678ab321b7-DUS
content-length
11
iframe.html
static.vidy.com/0.38.5/ Frame F939 		170 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
static.vidy.com
:scheme
https
:path
/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-type
text/html
x-guploader-uploadid
ADPycdvYWaFnAxe3Go3MjHYlm7IKBbvZ6BIyOk1Ln01hj3JYobwmX4QUfDmZ07uLpTdizB91KtM8FDCGcSeTCb87G3s
cache-control
public,max-age=31536000,immutable
expires
Tue, 20 Sep 2022 17:33:34 GMT
last-modified
Mon, 20 Sep 2021 15:27:28 GMT
x-goog-generation
1632151648524711
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
170
x-goog-hash
crc32c=L2PN0Q== md5=30+26Rimyfs6gQOLghFtrQ==
x-goog-storage-class
MULTI_REGIONAL
access-control-allow-origin
*
access-control-expose-headers
Content-Type *
cf-cache-status
HIT
age
2018242
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
69de4c679abb21b7-DUS
content-encoding
gzip
embed.min.css
static.vidy.com/0.38.5/ 		159 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/0.38.5/embed.min.css
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2022092
x-guploader-uploadid
ADPycduqPyFVIKfV6T2GZ1bIAPmDPlp2ZhweBT_GW16mAfK2oePo4NC7dH_-XFP8-SJ7VULDW8zmBhQbogoLo1L5Nno
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 15:27:27 GMT
server
cloudflare
etag
W/"d625cd0dcb9328385d986851871fcde3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=LJbN1g==, md5=1iXNDcuTKDhdmGhRhx/N4w==
x-goog-generation
1632151646968836
access-control-allow-origin
*
content-type
text/css
access-control-expose-headers
Content-Type, *
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
163315
cf-ray
69de4c679abc21b7-DUS
expires
Tue, 20 Sep 2022 16:39:55 GMT
alive
api.vidy.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/alive
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=0; includeSubDomains; preload
accept-ranges
bytes
cf-ray
69de4c67aac721b7-DUS
content-length
2
eva-celia-dan-hanny-trihandojo-5_11.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/eva-celia-dan-hanny-trihandojo-5_11.jpeg?w=410&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
6e5f9ce036d94e198274025cbb9004e22c91d730a57943fb634e12e15f9cf28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static11
cache-status
HIT
etag
W/"3bcda9dc0291ae36ac49b794a6f7ecda9ae23309"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
alblen-filindo-fabe_11.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/12/alblen-filindo-fabe_11.jpeg?w=410&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
783777537ba06ffff7b35ab529a38d1a090a7b4202e7c52762b2a24dc1a44753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static4
cache-status
HIT
etag
W/"a85d9fd021fe37cf8224d4fe0027ac57ff7166f9"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
setengah-bule-1_11.jpeg
akcdn.detik.net.id/visual/2021/06/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/06/08/setengah-bule-1_11.jpeg?w=410&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
c6bba45eeda50b4fa0ecc7829d3a677f5b555dbbb8b2eebb27297bd0911f95a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"d56168428e116259ffce66409fb25c4c73e3fa08"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
0ff3bbf3-c072-4270-bbfd-c7650e809281_11.jpeg
akcdn.detik.net.id/visual/2020/03/03/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2020/03/03/0ff3bbf3-c072-4270-bbfd-c7650e809281_11.jpeg?w=410&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
af3a3f6b22952e657ff98e3a40b63f58f9f7076f6f018e452ca98e2dbfe85dda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static3
cache-status
HIT
etag
W/"336d2ce47bce6666297fb0b1ce31cdcdeb6c126e"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
64a9c9c3-a808-4bff-8ff1-a142213ed240_11.jpg
akcdn.detik.net.id/visual/2015/07/03/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2015/07/03/64a9c9c3-a808-4bff-8ff1-a142213ed240_11.jpg?w=410&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
44a5d16e00aafe0d9261398da498d17cf0fe09abf7409577a351667b4f54d80a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"25c65dfc3dffabc1a442dad1e362c86263c09d38"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame D45D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CY0PP0qNzDr0ClI4fLKQCv0iMe8LRDycLVxkRl63MBZYRVEOqHbtqa3mQi1K4JuRNPoLfV_BrAYgJM-QTEDerIeqOHWmbMBL-pgHvJPYx31HBAUJ1fbDe7b9Ub0rcc6KLEngN1yjf9B3--i253SBuGZ1uABQ&cry=1&dbm_d=AKAmf-Crat9n5_OkZEu7NgS_Lh91_l6rOe1J5QqN9mQH01C4YwnYUd87iSUjof6hrbNKX-SfF5XgwRMu-BDe-kGHBSg6iGZqvFjK05Uhpe_kG1OE2q-7IE9seQCFQaDOJxDWI70d6c7dGawVFPVrZVNChPnPwrplSY8SWIs1_jwcHsiSja3rX7g9I0FlP4qcGQ-yqv9DDzgd9mE_eHfGqDSul2_W08f9q-JkckqFbSeHku6TWUJVdqdmlS5QJDg6KJWi4IPDlf7_0e11h4e9D4978hP-9StjYyUfTgzUslVmL8fCfCKQXxA03sAEM4_uu0WsNrIMaNLHRa1TQaM5tNgVVsJMw2PNtDChjs34MCOyf9dVijDtJvgaH42Suez0IT2QtiMasQSikHPPRdsgeSZtmJoyjA_XXg0KCJuTxEDMiuduKpArRvf-ELUcgwAR4H2FQZpRQFeZcCiceZt-sp8CE5IfnC0lNASdkm6h5smkICaRZvnTrvknezAZFzB9EZx-T6ybYsYjuGkVssHAwMgoajWhShtla9JsQJq05biymqypo5MlQAoWQ2CMI1PbGZ3A6LQWxz4VTfbAEij0VtvogGmkbwsblIUq3XD0q4EwQve0C13dZ-5u4iX2EM3DtoyV23xo8yfBLZ2BqA07K1goCGB8D5W3z6-X9L9kyigGH2dC_w-8i0iORTC-zMnN5y_WVnALqu8fpv8WS_vVBpUtj0uK9-yTxowsfw1Vsqk5DY8ztVheDrl6Y0Q5bIwObLCJVNQarGBqbcQk1QINgHFZNtGubaSaKHaQMyZ_kXoFYT_s3WhEBE1YTaYKJ23Y7nRTARQkeTcUqI5GU7pKBWXXxA46EwDHH8u4ebm7HdjNhx2_Zvz1wvztI6BjBmCIWdWLVuODdqS9wperBwOMMiifJ-usCQMmLUlwXFBKBoq3L6wlh6Ld6-ieOFz2-iUFVkCygf4DE09qcuNXAzkZTfcZ3jWHde42OyOwF5ImMDWU-yZlmjQE4lcXguyipORznzxTrsUICU4CRFMjOFNBMOZCu183YUUm5ULy-YYTmWdthvEHfkJuRkGNeCBOXy2V2HC9fDFs575MuC5gHZsOKdSqcRH4G258iy8wR4RpVh2QXF9ePE6jLDa4ia37XvpVNxTVbtbRZ1f4wwZhK8VXMElEkxex1FxstvR189mrji7vb77Yxt3iPrATTcHg-yV1zK4O8-kMgfP3W9P2NqlszhFj3PaZkHoKVoA9SBx8GahM_rG-g5ZAJ4IYCoA_mL_X8J_Ag99lS7U72xcdz2rehBRmRCDVtaSPqAh1e9UolJliNVakmUQHqZ2HQrsyqnGMKJkpR_1AeUjlvA_zHP99e-FrxZVIx0-9dVJAD6BihDUqIMkZw4ZdQgjjoTf56kMdqh8qVinf-vShkZQnSmp1qk1TsJXzAthlyZJJnbXuuJnjeNiR7KSpliCfRd9O7gnmgDWmHreAtdzA1_VtQupwR1yUBWA0N2iFA5kNh-aveEso5vdiv_9FDFs5I3KAtM41fyqy4bKdijk2B9x6TbcvKUx6YtuTH_ETV-1PyvBq7mVAGL2hQe2m_49nc20ewVzx_z53aUgHLastnHppiIxT3xw7iQhJjJqqhRdJ9xHQCYXLhHXaTK2UqON3JjwNefOvVAYYeq8LmRyBdPIRr1acD5KuS9nXTVmmIoyEaDh2k9ZKF8qxvLyICG9HEJLsnuz4RFzre5Ah4P0LyqiN3Pe0czH3dcBE14Bmu6ApIsEmXfUzvXushBG47Qv-rbMZpz_Zb5--QO-Zffb08LcTJ85EsPoS8ABZSXhRxZtJ39EewjB3yIniidASaOnT8FncvWE8q88rbOsgn0gpK_mVFQPEwJClt_r7GRM-2fMVogQ01bERs54ZQx6X2TCIpCGLeZAmB2xggE8iIOuNw_YHfsqd839wpkMvmzvdfP-1YlttSxuJ0wjgWeNkMI7pHBTHf1VCN8rPP1XHfiACefc0aaXXwd4NXojZCzqRhjwFlVhdVKw1SidCEa2U6ZBKlyqMZ1fblvlsIYInBPEsUbU53w0U19pU4B5lqpxTegc3GmiN3kkShQ748cigktzi6WGKH9QxrFNiO6JQfNphoaQ7Unn6ZiPkyzgaVi3hLy3QnS-d2g7LKj6zAzGEpZqe3Z4t66yTQ-x1vmVHMxHIOfIQwPifDNHK2mhHto__bQMV5woTmAwMnQsKfGTSXeKXpfVMKmNywEe83GmWCpz6N9f2xoe_Vao_eCXpu9tUAMtwNfV35xxXXxy_-cSxEXeEKmpOUAknrFGVLnYLiG5a4_3sjZrkrHNHflOA8YJsce2NpS8krhZixqnRs6K07sOhEoJXyrx3CKmDxbaRJdMLWOIofDNmRpo-HNYWqXPk3RggIayjWJy2dldrEAhN7qTuZMIXjNUuz7IC5lMGgDZ4CNlBBtvYYhfGtCp_C5dZ4B8Wzlpb0LTCD6l0pMJ7T7MHaCN13dqDTx6wjZAbo6X_KbLTKVw7T6pobfKYMQBR2YsOHGrgd0P26TbEhuPUkhcYbuicVyv7ZIATIYZQx9dMGuNueSWlBPvA4i78I8RBbuSAyk30wEQitNKCRc_6MhBOOx68_-eojkiDD71X3bnBMivJcrZ3Un_G35f8KySwWMZBxIZSA8AvbjsbmwUkDqSxpHsyvyyeLIUwyQetZZDiTbaAPRXcMuxewdqtqt9_0rCbt92J7KzGCk0oCj4WqB2pE-ItXNPuBwkekWXZ5GEerbTIicfzjujN-dIrIyFUEkQVr49K3Hgq-MRApnT38M1SdaGP-4weHyxUn25U8nmbbDDGlEenl7KRtTAwlv8cfUeSxl99DlxJ_b8lOFQo6wYfc0-iryElkac9mPCS9iIPDrDD2cCzQbKinwikDY9JfVIYlhF4KP8O4aOCTooWVxQVcpYx-2ISTo23uZbiwPGxrnmX2Yv-e1xa8lI8_LEzP4F_ynTFLdCfrCE5ot_xcl8Bp_hmSq6M1qtKiQyYUqK141HWtuAsQid1ql-teHeauf0v3Hute-kmUeprQMV0XVjQmwZamC-SJp5gl4f0HF8dhOfeFzobcKen1wngEcp0cGPSyslCJGwGP-4x91s_ggXGd4tzSVf8z3ix92hQdk1c&cid=CAASEuRoyngnn4gHPJOhHU8rfCsxDw&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 05:07:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D45D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CY0PP0qNzDr0ClI4fLKQCv0iMe8LRDycLVxkRl63MBZYRVEOqHbtqa3mQi1K4JuRNPoLfV_BrAYgJM-QTEDerIeqOHWmbMBL-pgHvJPYx31HBAUJ1fbDe7b9Ub0rcc6KLEngN1yjf9B3--i253SBuGZ1uABQ&cry=1&dbm_d=AKAmf-Crat9n5_OkZEu7NgS_Lh91_l6rOe1J5QqN9mQH01C4YwnYUd87iSUjof6hrbNKX-SfF5XgwRMu-BDe-kGHBSg6iGZqvFjK05Uhpe_kG1OE2q-7IE9seQCFQaDOJxDWI70d6c7dGawVFPVrZVNChPnPwrplSY8SWIs1_jwcHsiSja3rX7g9I0FlP4qcGQ-yqv9DDzgd9mE_eHfGqDSul2_W08f9q-JkckqFbSeHku6TWUJVdqdmlS5QJDg6KJWi4IPDlf7_0e11h4e9D4978hP-9StjYyUfTgzUslVmL8fCfCKQXxA03sAEM4_uu0WsNrIMaNLHRa1TQaM5tNgVVsJMw2PNtDChjs34MCOyf9dVijDtJvgaH42Suez0IT2QtiMasQSikHPPRdsgeSZtmJoyjA_XXg0KCJuTxEDMiuduKpArRvf-ELUcgwAR4H2FQZpRQFeZcCiceZt-sp8CE5IfnC0lNASdkm6h5smkICaRZvnTrvknezAZFzB9EZx-T6ybYsYjuGkVssHAwMgoajWhShtla9JsQJq05biymqypo5MlQAoWQ2CMI1PbGZ3A6LQWxz4VTfbAEij0VtvogGmkbwsblIUq3XD0q4EwQve0C13dZ-5u4iX2EM3DtoyV23xo8yfBLZ2BqA07K1goCGB8D5W3z6-X9L9kyigGH2dC_w-8i0iORTC-zMnN5y_WVnALqu8fpv8WS_vVBpUtj0uK9-yTxowsfw1Vsqk5DY8ztVheDrl6Y0Q5bIwObLCJVNQarGBqbcQk1QINgHFZNtGubaSaKHaQMyZ_kXoFYT_s3WhEBE1YTaYKJ23Y7nRTARQkeTcUqI5GU7pKBWXXxA46EwDHH8u4ebm7HdjNhx2_Zvz1wvztI6BjBmCIWdWLVuODdqS9wperBwOMMiifJ-usCQMmLUlwXFBKBoq3L6wlh6Ld6-ieOFz2-iUFVkCygf4DE09qcuNXAzkZTfcZ3jWHde42OyOwF5ImMDWU-yZlmjQE4lcXguyipORznzxTrsUICU4CRFMjOFNBMOZCu183YUUm5ULy-YYTmWdthvEHfkJuRkGNeCBOXy2V2HC9fDFs575MuC5gHZsOKdSqcRH4G258iy8wR4RpVh2QXF9ePE6jLDa4ia37XvpVNxTVbtbRZ1f4wwZhK8VXMElEkxex1FxstvR189mrji7vb77Yxt3iPrATTcHg-yV1zK4O8-kMgfP3W9P2NqlszhFj3PaZkHoKVoA9SBx8GahM_rG-g5ZAJ4IYCoA_mL_X8J_Ag99lS7U72xcdz2rehBRmRCDVtaSPqAh1e9UolJliNVakmUQHqZ2HQrsyqnGMKJkpR_1AeUjlvA_zHP99e-FrxZVIx0-9dVJAD6BihDUqIMkZw4ZdQgjjoTf56kMdqh8qVinf-vShkZQnSmp1qk1TsJXzAthlyZJJnbXuuJnjeNiR7KSpliCfRd9O7gnmgDWmHreAtdzA1_VtQupwR1yUBWA0N2iFA5kNh-aveEso5vdiv_9FDFs5I3KAtM41fyqy4bKdijk2B9x6TbcvKUx6YtuTH_ETV-1PyvBq7mVAGL2hQe2m_49nc20ewVzx_z53aUgHLastnHppiIxT3xw7iQhJjJqqhRdJ9xHQCYXLhHXaTK2UqON3JjwNefOvVAYYeq8LmRyBdPIRr1acD5KuS9nXTVmmIoyEaDh2k9ZKF8qxvLyICG9HEJLsnuz4RFzre5Ah4P0LyqiN3Pe0czH3dcBE14Bmu6ApIsEmXfUzvXushBG47Qv-rbMZpz_Zb5--QO-Zffb08LcTJ85EsPoS8ABZSXhRxZtJ39EewjB3yIniidASaOnT8FncvWE8q88rbOsgn0gpK_mVFQPEwJClt_r7GRM-2fMVogQ01bERs54ZQx6X2TCIpCGLeZAmB2xggE8iIOuNw_YHfsqd839wpkMvmzvdfP-1YlttSxuJ0wjgWeNkMI7pHBTHf1VCN8rPP1XHfiACefc0aaXXwd4NXojZCzqRhjwFlVhdVKw1SidCEa2U6ZBKlyqMZ1fblvlsIYInBPEsUbU53w0U19pU4B5lqpxTegc3GmiN3kkShQ748cigktzi6WGKH9QxrFNiO6JQfNphoaQ7Unn6ZiPkyzgaVi3hLy3QnS-d2g7LKj6zAzGEpZqe3Z4t66yTQ-x1vmVHMxHIOfIQwPifDNHK2mhHto__bQMV5woTmAwMnQsKfGTSXeKXpfVMKmNywEe83GmWCpz6N9f2xoe_Vao_eCXpu9tUAMtwNfV35xxXXxy_-cSxEXeEKmpOUAknrFGVLnYLiG5a4_3sjZrkrHNHflOA8YJsce2NpS8krhZixqnRs6K07sOhEoJXyrx3CKmDxbaRJdMLWOIofDNmRpo-HNYWqXPk3RggIayjWJy2dldrEAhN7qTuZMIXjNUuz7IC5lMGgDZ4CNlBBtvYYhfGtCp_C5dZ4B8Wzlpb0LTCD6l0pMJ7T7MHaCN13dqDTx6wjZAbo6X_KbLTKVw7T6pobfKYMQBR2YsOHGrgd0P26TbEhuPUkhcYbuicVyv7ZIATIYZQx9dMGuNueSWlBPvA4i78I8RBbuSAyk30wEQitNKCRc_6MhBOOx68_-eojkiDD71X3bnBMivJcrZ3Un_G35f8KySwWMZBxIZSA8AvbjsbmwUkDqSxpHsyvyyeLIUwyQetZZDiTbaAPRXcMuxewdqtqt9_0rCbt92J7KzGCk0oCj4WqB2pE-ItXNPuBwkekWXZ5GEerbTIicfzjujN-dIrIyFUEkQVr49K3Hgq-MRApnT38M1SdaGP-4weHyxUn25U8nmbbDDGlEenl7KRtTAwlv8cfUeSxl99DlxJ_b8lOFQo6wYfc0-iryElkac9mPCS9iIPDrDD2cCzQbKinwikDY9JfVIYlhF4KP8O4aOCTooWVxQVcpYx-2ISTo23uZbiwPGxrnmX2Yv-e1xa8lI8_LEzP4F_ynTFLdCfrCE5ot_xcl8Bp_hmSq6M1qtKiQyYUqK141HWtuAsQid1ql-teHeauf0v3Hute-kmUeprQMV0XVjQmwZamC-SJp5gl4f0HF8dhOfeFzobcKen1wngEcp0cGPSyslCJGwGP-4x91s_ggXGd4tzSVf8z3ix92hQdk1c&cid=CAASEuRoyngnn4gHPJOhHU8rfCsxDw&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 13 Oct 2022 11:05:48 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 249E 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGFF8NBkSnkkACCEUetki9s&google_cver=1&google_push=AYg5qPKG7Igyts8WXX3V7xOx09WcSyWFURtYOkezlSQEXUylrWmLZXgxhrttlDFgerSsQSsZpz7yDLamjcXDBKUs1k_qKlbeal8iDA
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDojz4xuEAMGBdWrJmW0x7s&google_cver=1&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDojz4xuEAMGBdWrJmW0x7s&google_cver=1&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLjS9Bhw4oZoZNHRP8GHTSomhQVROZCSElnoGiWuKRZsuo9eXUxpq4ADAUKr71DySLkqxR0RPH4KbrQQbW1pWLKA8S5_35Diw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGS93ZreOH88Quik3N2hKCc&google_cver=1&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA&google_hm=D2ekCDJCytMfvR4h5NgywA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA&google_hm=D2ekCDJCytMfvR4h5NgywA==
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:56 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLGrPp5Sb_v7f50UUsPgPZrHm6yysXM_7rELnQhxvDn58X_j7IWqMFvyXXPPBHoqkiFZcaSMNK7hIRr0b89pb2E2o6KysO8WA&google_hm=D2ekCDJCytMfvR4h5NgywA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
kdud3u02g2q5vtoqhv9r40ds7t9cpnke
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzN5_xNkdBUNAwoT2Rqw094I2e2IGZK-NvneX3gAj9sB2EYcP9A_40OPwtRxrK1oY01zrrqwPGKjMbm0f5XDVdMSTnpxHwCg
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzN5_xNkdBUNAwoT2Rqw094I2e2IGZK-NvneX3gAj9sB2EYcP9A_40OPwtRxrK1oY01zrrqwPGKjMbm0f5XDVdMSTnpxHwCg
date
Thu, 14 Oct 2021 05:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2s...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKNlYtSy04TE0z&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2siqgbvEwnIWoNwMvJZBdnsi2IvIQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKNlYtSy04TE0z&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2siqgbvEwnIWoNwMvJZBdnsi2IvIQ
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKNlYtSy04TE0z&google_push=AYg5qPK5kQ6JgvlAQ-jG8UmhzPywbpW9Try4f35gggpXIE8vdtsQN2DqYxDPr1ScvkjUyEblU2siqgbvEwnIWoNwMvJZBdnsi2IvIQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_...
0
0
pixel
cm.g.doubleclick.net/ Frame 249E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC_OqLvF24zZgAR0qUZMs54&google_cver=1&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoS...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC_OqLvF24zZgAR0qUZMs54&google_cver=1&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoS...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w&google_hm=3abf4206829fcdf9d480...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w&google_hm=3abf4206829fcdf9d480e5c1
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 14 Oct 2021 05:09:57 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI9qb0EIYo5Doa3-8nYvUa28ipYTf-MwDTQLl6i-FikYdgOiav7UYnhyxkmx1_dnYe_njLx3ZUaVwRkMKDoSLM9LfPX2DPA9w&google_hm=3abf4206829fcdf9d480e5c1
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 249E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ly-D43HGf6X6sGxmf033bWdtaaL_HhfEXB5ZrvTF8qewYXM5qJdiwu9R-bG6TY1cErl7ld
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/10774078/1632247291206/ Frame AD49 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10774078/1632247291206/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
e2bb96ba8c0235c8edc63ca18df0e08d7309a2f2e8fddedd954a4101f1926ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10774078/1632247291206/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
3720
date
Wed, 13 Oct 2021 09:01:05 GMT
expires
Thu, 14 Oct 2021 09:01:05 GMT
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
72532
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 73E9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGNe3eym55ZPjtWWJVSBprBuJT4WAKamHb2Rod-AKKz2izgFUv03ejDlDfivhcj-ZXQleu2SJuor355JBAYg_USfigjpxpMXBDFCXlVtmGeZxzl-KKD7KUWEphGL-o3R-I58sf_NRW90VXdWgF_VxVLpq4&sai=AMfl-YRLMcnsC9Na8U35U5Eeh7lsDUkhWuQpgGSFQNqd-qtPIYx4H2p9OASOiFuYJkhl2Vu9R1qCuF3g6sYgqJHlPYlHEDpACbG7wuY&sig=Cg0ArKJSzBpmwGH0mlJcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=481&cbvp=1&cstd=475&cisv=r20211011.81162&adurl=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2813 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 13 Oct 2022 11:05:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EA34 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 08:58:57 GMT
expires
Thu, 14 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72660
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2813 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0519c64ff7534f0f88226feb2dc73d05fb73b6355dd09281a8fb8ff4c3b57f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://static.vidy.com/
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 14:59:02 GMT
x-content-type-options
nosniff
age
223855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 14:59:02 GMT
montserrat-400.woff2
static.vidy.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/fonts/montserrat-400.woff2
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.vidy.com/0.38.5/embed.min.css
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-guploader-uploadid
ADPycduDc6Oih4KsIXvka_288_SZs5NZsymjDAwL6eo34XJ5sOp-xf8OdErSY1Cqrq5ykDyylHR8eglFeN3rCLKtayEy52QgMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
content-length
13248
last-modified
Fri, 16 Aug 2019 21:18:32 GMT
server
cloudflare
etag
"cdd5aad3fd6aaa1b80d5119924cd0d52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=QsfZfg==, md5=zdWq0/1qqhuA1RGZJM0NUg==
x-goog-generation
1565990312626694
access-control-allow-origin
*
content-type
font/woff2
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age= 31536000
x-goog-stored-content-length
13248
accept-ranges
bytes
cf-ray
69de4c69bd5e21b7-DUS
expires
Fri, 14 Oct 2022 05:04:33 GMT
montserrat-300.woff2
static.vidy.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/fonts/montserrat-300.woff2
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.vidy.com/0.38.5/embed.min.css
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
469897
x-guploader-uploadid
ADPycdtpu-47wlgDNNfzLwkYhCYtIWMAhcZDbGYHRXtihB22sPu9Nfk0k0jvMvVtBXpMfukBl1ubb3h9S4fXeaYUeog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
content-length
13080
last-modified
Fri, 16 Aug 2019 21:18:32 GMT
server
cloudflare
etag
"de24050b75ebfbbd133cdc9b72c42f27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=Lybbjw==, md5=3iQFC3Xr+70TPNybcsQvJw==
x-goog-generation
1565990312627687
access-control-allow-origin
*
content-type
font/woff2
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31536000
x-goog-stored-content-length
13080
accept-ranges
bytes
cf-ray
69de4c69bd5f21b7-DUS
expires
Tue, 13 Sep 2022 02:46:43 GMT
montserrat-500.woff2
static.vidy.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/fonts/montserrat-500.woff2
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.vidy.com/0.38.5/embed.min.css
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
469897
x-guploader-uploadid
ABg5-UzOqhLUP_9ur2htVQrfGt_O1AY2rqSezeyTDNOR-B3MvoBlkCmclWRkqYIUlnRH5-1HCYEbV1Mwi-FE9w48Zd8Mc_fMyw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
content-length
13248
last-modified
Fri, 16 Aug 2019 21:18:31 GMT
server
cloudflare
etag
"99b4803ab7e53e3d5c2db534a3828caa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=VvdztQ==, md5=mbSAOrflPj1cLbU0o4KMqg==
x-goog-generation
1565990311428633
access-control-allow-origin
*
content-type
font/woff2
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31536000
x-goog-stored-content-length
13248
accept-ranges
bytes
cf-ray
69de4c69cd6821b7-DUS
expires
Sat, 23 Apr 2022 05:19:02 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 3697 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
asyncspc.php
newrevive.detik.com/delivery/ 		1 KB
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncspc.php?zones=3717%7C3718%7C1514&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F
Requested by
Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
aa1f9650cbaa2acb2488585410c14462eb99a632505382252bd65e75ca9a6a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
revive4
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
x-xss-protection
1;mode=block
expires
0
opensans-italic.ttf
cdn.haibunda.com/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.haibunda.com/fonts/opensans-italic.ttf
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
static6 /
Resource Hash
bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin
https://www.haibunda.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 07:47:27 GMT
server
static6
cache-status
HIT
etag
"5db2a88f-960c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
accept-ranges
bytes
content-length
38412
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner
www.haibunda.com/api/ 		222 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api/banner
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
newsfeed2
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
content-length
2
:path
/api/banner
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
newsfeed2
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish4
cf-ray
69de4c6aaa02fadc-DUS
x-xss-protection
'1;mode=block'
banner
www.haibunda.com/api/ 		30 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api/banner
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
parallax1
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
content-length
2
:path
/api/banner
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
parallax1
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish2
cf-ray
69de4c6aaa04fadc-DUS
x-xss-protection
'1;mode=block'
banner
www.haibunda.com/api/ 		12 B
88 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api/banner
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
promobox
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
content-length
2
:path
/api/banner
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
promobox
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish1
cf-ray
69de4c6aaa06fadc-DUS
x-xss-protection
'1;mode=block'
banner
www.haibunda.com/api/ 		132 B
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/api/banner
Requested by
Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
accept-action
newsfeed3
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
content-length
2
:path
/api/banner
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=utf-8
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept-Action
newsfeed3
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
"max-age=31536000; includeSubDomains" always
content-type
application/json; charset=UTF-8
s
fe-publish2
cf-ray
69de4c6aaa07fadc-DUS
x-xss-protection
'1;mode=block'
image-icon.png
www.haibunda.com/images/ 		716 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haibunda.com/images/image-icon.png
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Request headers

:path
/images/image-icon.png
pragma
no-cache
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188195314]]; __asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
716
x-xss-protection
'1;mode=block'
last-modified
Tue, 07 May 2019 04:15:02 GMT
server
cloudflare
etag
"5cd10646-2cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
s
fe-publish4
accept-ranges
bytes
cf-ray
69de4c6aca1ffadc-DUS
expires
Fri, 14 Oct 2022 05:09:57 GMT
partner
sync.search.spotxchange.com/ Frame FA16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC1_93RFsj_X2CRNbmvS4TE&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC1_93RFsj_X2CRNbmvS4TE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC1_93RFsj_X2CRNbmvS4TE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA16
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Zjg2ODhkNDktMmNhYy0xMWVjLThmYjYtMWVlNWI5ZTEwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Zjg2ODhkNDktMmNhYy0xMWVjLThmYjYtMWVlNWI5ZTEwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 14 Oct 2021 05:09:57 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Zjg2ODhkNDktMmNhYy0xMWVjLThmYjYtMWVlNWI5ZTEwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
38
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame FA16 		0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhivg6GyATAB&v=APEucNWG08TqXJ8IRMaji4sfxv5deyuSKSBS_mA-d3rcer0oS497DnWjRigS-TLl4dBZVw1Urs3SnqqxwAn2RV-NXwLT0h09aLoZy_cDDf5tKQ_mibeeLfzJHbOttIcWsZ9Flo1XU-8VyiXlP7cjOekcrZvqJOpocQxcKWtkU60esgamYVgPuc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 87AE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 08:58:57 GMT
expires
Thu, 14 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72660
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 73E9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2316b14ef293b691445698de141a8bc32881e5f7c050d80a389022b842a575d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxXHD01V0c3LpXF944AEqYp4tcoFlcMEta6131VHSp94rDW287oetXaPpUTIIymHv7X3UybPKiKXsW7f56w64g2ArUaJ0Y6_EO4Bdiag4QWdr29rkz8gUJl2tPgnpsASqB9Fht22ezwTYuRaTfQuxmi0unT5LCj7tV_bEMLzEqeqTWFzDfwQ7O8qTWGF
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHD01V0c3LpXF944AEqYp4tcoFlcMEta6131VHSp94rDW287oetXaPpUTIIymHv7X3UybPKiKXsW7f56w64g2ArUaJ0Y6_EO4Bdiag4QWdr29rkz8gUJl2tPgnpsASqB9Fht22ezwTYuRaTfQuxmi0unT5LCj7tV_bEMLzEqeqTWFzDfwQ7O8qTWGF
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.KYXuLLvT_bk.es5.O/d=1/rs=AJlcJMyCGyJJhyeSqlGOKkzppHcX-jSKFA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-21dB/v+JHx7rdRv0D5FkuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-21dB/v+JHx7rdRv0D5FkuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-21dB/v+JHx7rdRv0D5FkuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-21dB/v+JHx7rdRv0D5FkuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXHD01V0c3LpXF944AEqYp4tcoFlcMEta6131VHSp94rDW287oetXaPpUTIIymHv7X3UybPKiKXsW7f56w64g2ArUaJ0Y6_EO4Bdiag4QWdr29rkz8gUJl2tPgnpsASqB9Fht22ezwTYuRaTfQuxmi0unT5LCj7tV_bEMLzEqeqTWFzDfwQ7O8qTWGF
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHD01V0c3LpXF944AEqYp4tcoFlcMEta6131VHSp94rDW287oetXaPpUTIIymHv7X3UybPKiKXsW7f56w64g2ArUaJ0Y6_EO4Bdiag4QWdr29rkz8gUJl2tPgnpsASqB9Fht22ezwTYuRaTfQuxmi0unT5LCj7tV_bEMLzEqeqTWFzDfwQ7O8qTWGF
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.KYXuLLvT_bk.es5.O/d=1/rs=AJlcJMyCGyJJhyeSqlGOKkzppHcX-jSKFA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xKXPuj0ZhJVzJEzYtAWRIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xKXPuj0ZhJVzJEzYtAWRIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-xKXPuj0ZhJVzJEzYtAWRIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xKXPuj0ZhJVzJEzYtAWRIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A34C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTxT6fw08XP-oNI74wGsFfgksMNtxUbB6TUlGgF1iW-34GmU6EUw4ZE-EcdrNRo8Ww_y2SqlqRI26gGGwK5cYwNdvZl27Kp2nZk6_N3NbcrJdNQ8SKaQ&sai=AMfl-YRQHtAan2LpJjgyIVfNkDRweXSlHcmuEF-UsE-FwPodt6JGt_whh8YdU-2KLTX9Mm6Ft8NS_cTdziIAPYAsUfbWft-y-RVBiPrG_bVE-5R8tqhBmNj-oXGm2g&sig=Cg0ArKJSzAtujrgTrUKUEAE&cid=CAASEuRoeE_OdsSQiEmz0uk1xikWKg&id=lidar2&mcvt=1114&p=0,0,254,970&asp=268,315,522,1285&mtos=0,1114,1114,1114,1114&tos=0,1114,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3438090239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634188195831&rpt=750&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
64a9c9c3-a808-4bff-8ff1-a142213ed240_169.jpg
akcdn.detik.net.id/visual/2015/07/03/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2015/07/03/64a9c9c3-a808-4bff-8ff1-a142213ed240_169.jpg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
179953b4bf349ab70636404d5e9f23e72b9d290013c8fe4fb104b6612f9cf0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static1
cache-status
HIT
etag
W/"88f1c06db2f67c62a777c14c4ddb3ff41c3395e5"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetsun-pema-2_169.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/jetsun-pema-2_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
2a77abe7a0d038971e13c9601e4163ea7151ca08a59d1fac8a3e3b79139c5efa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"d21112cd7b95627f483de6bcf77421350711a8cf"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
0ff3bbf3-c072-4270-bbfd-c7650e809281_169.jpeg
akcdn.detik.net.id/visual/2020/03/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2020/03/03/0ff3bbf3-c072-4270-bbfd-c7650e809281_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
1c7d2ae52ffa906c1ef4f19b00b4ea83f983cb04a546ab7da56af735da9b5d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static2
cache-status
HIT
etag
W/"1d85aca1e0cbb722f79d9598eb174142eb7e22cf"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
riris-dan-fara_169.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/riris-dan-fara_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
dcd5c50c7fa8589fb213d6bb5d527f38375a62721b13da093b05a69e6579225c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static14
cache-status
HIT
etag
W/"150a5c8601717c8203cd149610290f8c8a17e8a6"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
kehamilan_169.jpeg
akcdn.detik.net.id/visual/2020/12/22/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2020/12/22/kehamilan_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
c1dde0b7a3aa7504eabe806091dec8f8d930cc87d2bdfc4e24284d7ee6f8d92b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static2
cache-status
HIT
etag
W/"caaa427bb35b61ef5bdc15b2260e456fb570a902"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
kesehatan-mental_169.jpeg
akcdn.detik.net.id/visual/2021/10/14/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/14/kesehatan-mental_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
dbb791f38ce0f0ac85eb946f0a6d92ffadc5ff94d8f314831f8b768d7994a4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"ca0f03ce77210043a4c76e7232ab460fb292a836"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
bayi-menangis_169.jpeg
akcdn.detik.net.id/visual/2021/06/10/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/06/10/bayi-menangis_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
3441c5afb4d1bd03301a3443bdf1341b0c4b34ae7a36a7056048db6674f81b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static14
cache-status
HIT
etag
W/"28c772d65a6de3da0fa672d6dbd309ebc4cf2f10"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
ilustrasi-pasangan-1_169.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/ilustrasi-pasangan-1_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
6c84aaf9164437c7c985e619c3f3dc82c38ec9ef79ccdcae3587ac406a2dcae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"275b153a5e946e9c4ffbad02ce8e7854ee57215a"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
kusthini-harjono-sigit-ibunda-maia-estianty-7_169.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/kusthini-harjono-sigit-ibunda-maia-estianty-7_169.jpeg?w=750&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
3b726b81d83981219300f256c6124872917a5af37d0373b430a4fc81ad806e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static7
cache-status
HIT
etag
W/"cdf87df09514f272fb391b63300fd2c9bb4195c3"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
audy-item-dan-dokter-cissie_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/12/audy-item-dan-dokter-cissie_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
4db4865c38493fce073e6be0c245928053ae5a6e31fd69f3a668f1c3a60eca9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static10
cache-status
HIT
etag
W/"192a1e89b13e395860e47ff99be04816174bb771"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
4d95278d-41fc-44fa-9d2f-3bf70b15688b_169.jpeg
akcdn.detik.net.id/visual/2019/07/14/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2019/07/14/4d95278d-41fc-44fa-9d2f-3bf70b15688b_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
065c9eac1ba00b9849c2a9f96e1d9998674a6eecb2eddd1aa74e38f1fa03869a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static2
cache-status
HIT
etag
W/"0aff28f18ae78c363c8ad17a7dfaa5d6821e48ed"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
a03b54ea-e102-48a8-bfbd-112e030f102b_169.jpeg
akcdn.detik.net.id/visual/2020/02/20/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2020/02/20/a03b54ea-e102-48a8-bfbd-112e030f102b_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
109b90efdf7f8b83f9f4c8fc2fe3a857eb697e85ab0188aebb5fc4b45a8d7475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static6
cache-status
HIT
etag
W/"7925cb44150d20ff48aa3d6f324257c340f983a9"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
ilustrasi-wanita-pakai-skincare-atau-perawatan-kulit_169.jpeg
akcdn.detik.net.id/visual/2021/09/21/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/09/21/ilustrasi-wanita-pakai-skincare-atau-perawatan-kulit_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
48ea034f71c76941fccc590dcccf15d96bc08420a08d2888ab94548c3e271c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static10
cache-status
HIT
etag
W/"c62d798c539f10003986892551abaa5786b76423"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
chimy-wanita-ri-di-finlandia_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/11/chimy-wanita-ri-di-finlandia_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
001d81224ef63263b78bef8004b51e2f23453c0832e67955f1e8012e366a8a26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static6
cache-status
HIT
etag
W/"da794248743b5d73819dffd89535570139f6b915"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
nasi-goreng_169.jpeg
akcdn.detik.net.id/visual/2021/10/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/12/nasi-goreng_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
856da369b5760a486d9b07f839f498bec08ac2cbf160c9aaffce4be21b2372f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"e368c4fb42fbf899b63b4239a02f39987bea99e7"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
hometown-cha-cha-cha-1_169.png
akcdn.detik.net.id/visual/2021/10/13/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/hometown-cha-cha-cha-1_169.png?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
62867eb9be3a6f0b1386078c28284c2bc90bb6aae3b05b26b0e2a4e043d06189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static2
cache-status
HIT
etag
W/"19c31c0466c7ebbbb61240172bcbac20c0b683ba"
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
ilustrasi-membersihkan-lantai-1_169.jpeg
akcdn.detik.net.id/visual/2021/10/13/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/10/13/ilustrasi-membersihkan-lantai-1_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
f8734fbb48dc502c414b373382d19ef317596ec98c2c03f56dc42185810a1798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static8
cache-status
HIT
etag
W/"18fa4adc4e6ed4c50b926bd992fa56bed0cd63d6"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
tanaman-hias-gantung_169.jpeg
akcdn.detik.net.id/visual/2021/06/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/visual/2021/06/01/tanaman-hias-gantung_169.jpeg?w=310&q=90
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
static14 /
Resource Hash
30b7d25315b2e970c9ab5fa13337193baaf4bba0536f69de82687ed6f261cc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
iresizer
ir-static12
cache-status
HIT
etag
W/"e6cf03d090ab54ab09543d4620f92491a58470f3"
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
server
static14
expires
Thu, 31 Dec 2037 23:55:55 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 7C4F 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 06:37:40 GMT
embed.iframe.js
static.vidy.com/0.38.5/ Frame F939 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidy.com/0.38.5/embed.iframe.js
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1632151636
age
2022092
x-guploader-uploadid
ADPycdscVe-GmHSZ5yCKDOP4yy7whBGTSTGupTxY9hSFrdRchZ_gIk3MU5XJcFhN8TYKYtex7TvtL_awGidl9L5v3wI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
vary
Accept-Encoding
last-modified
Mon, 20 Sep 2021 15:27:25 GMT
server
cloudflare
etag
W/"45a6ee3245fe51114660172b9c7f7876"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-goog-hash
crc32c=yhA8bg==, md5=RabuMkX+URFGYBcrnH94dg==
x-goog-generation
1632151645266389
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Type, *
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
23957
cf-ray
69de4c6cb8d121b7-DUS
expires
Tue, 20 Sep 2022 16:39:56 GMT
lg.php
newrevive.detik.com/delivery/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3717&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=afd3d9cb50
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
server
revive4
x-cached
MISS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
x-xss-protection
1;mode=block
lg.php
newrevive.detik.com/delivery/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3718&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=a9c895557d
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
server
revive4
x-cached
MISS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
x-xss-protection
1;mode=block
lg.php
newrevive.detik.com/delivery/ 		43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1514&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=03b435c591
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
server
revive4
x-cached
MISS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
x-xss-protection
1;mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4B8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 13 Oct 2021 11:05:49 GMT
expires
Thu, 13 Oct 2022 11:05:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
7aea3848707ee5be685ed8455e4eee89.js
s0.2mdn.net/10774078/1632247291206/ Frame AD49 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10774078/1632247291206/7aea3848707ee5be685ed8455e4eee89.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
2bebd66fa14c28326d3bbeed6f458b834ff39ca2530282bb42dad895834712db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17205
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:01:05 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		341 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=68723348199892&correlator=445758976804521&output=ldjh&impl=fif&eid=31063082%2C31063114%2C31061165%2C31062525&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=4905536%2CHaiBunda_desktop%2Cnewsfeed2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dnewsfeed2&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie=ID%3D1c3eed9ae069ae02%3AT%3D1634188195%3AS%3DALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ&bc=31&abxe=1&lmt=1634188197&dt=1634188197907&dlt=1634188194108&idt=1423&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=2701&adks=3865697788&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x4961&msz=750x61&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1803330638.1634188196&ga_sid=1634188196&ga_hid=870493493&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
373d4cc96c29b21f3ee2628fadec8662a7524ea9120546ab251b56cd028ce2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
asyncspc.php
newrevive.detik.com/delivery/ 		401 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncspc.php?zones=%7C%7C%7C2679&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F
Requested by
Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
88bce0a743b44a1afe408f0d8e90d1d04fdf664ed59ae39ab2fb0b15fabc6c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
revive4
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.haibunda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
x-xss-protection
1;mode=block
expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F60 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 13 Oct 2021 11:05:49 GMT
expires
Thu, 13 Oct 2022 11:05:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impl_v80.js
www.googletagservices.com/dcm/ Frame D45D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v80.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 10:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
498547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15821
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 14:32:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Oct 2022 10:40:51 GMT
CASans-Regular.woff2
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 7C4F 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1753477455059412092/CASans-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:35:47 GMT
x-content-type-options
nosniff
age
56051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22424
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 10:59:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 13:35:47 GMT
CASans-Bold.woff2
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 7C4F 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1753477455059412092/CASans-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:19:58 GMT
x-content-type-options
nosniff
age
57000
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22700
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 10:59:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 13:19:58 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 54AA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
events
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/events?uid=lkufpz3o.v3idc2ydg
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pixel
cm.g.doubleclick.net/ Frame EA34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKUkotMi03R0pO&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGIzz9Wkk3qo8tWmr1VzFGKrnSnp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKUkotMi03R0pO&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGIzz9Wkk3qo8tWmr1VzFGKrnSnp
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKUkotMi03R0pO&google_push=AYg5qPJtB3mc6bxj0uFC3dFmPe9CecIy4hxUoxru-Af6K9iff6RWZpJFJP7tIYkiovhuK3W2CGIzz9Wkk3qo8tWmr1VzFGKrnSnp
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame EA34 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkT5cjufcMxO6-cMYrxMMblQLKHjgs
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 2813 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcUxeGozNY5D2AjvvogsAkfQll-vmhXqsRFURhY43wU4e4SPorXMqWkZuZrdk4wRGLuwEXmFLdsroVxAyE-2geAvjAERHPaYOsYM4uwsFp9dLW-Vm5h3omCHXqlD5kNpQ2Y9FyeF5ZBBRQu2Y0jogmLzHOyEPp0gIPcAfxd0-_kXn2AF6DDNrdsOfNv65w4D9jdIxWdoJh0sJsyrKsCmBu0zFlEYbidCTOnNUJRg0fWORj72pBOAxuthfpvHdTx-DIVQYeppRR5rJg73cKFvhWhDp2RS0NmEsyFUmJ9f9jNciWEN81md_sR1rWJflz5_s-Echyljg3r4Lz39x_q4Yl621_JyrBKiX2buydCU9X_llUGeXHW4VLDZ33xLQTceX1UJHiT5uSN-cajeZM20qDh0lHizOpUOXsLh1cVMxvehSm3BoMu8vwq2N2fxesq9UXPXAdL09ATMNU-LnH0So5TxUPCUgh7Txp5hduY5tzqyLDbVIWkAyJJbvBAQKvnjAzY8Ask437N93qWod9Pnjuda0YnwDGvaF6hnxr7MEoG8mHhxU8YJdUHG7j6xnXAyd6Y6MmU7denMcs4aPU6UoPoc_URDAH9DBjet2cflzVJ60XdmkuZburhvv8iDq_Wg6kEtuwGFFUhnbHcC_nPgIAp0jX_65YDndGq9J02LDQCBda8PIfAccpt6zSlhtMzIY1x11p0NdBStoX8X_9GRnOd4eEa705osTUYLWeE9QeaH7iXJGrCdXjf_jQwgiitXTLkdB0uCkF_ZtqiPBiYttK8TlSpqI9GRZgwlyCJD81Nr8aOAXNAG8ihZ9f_gLQXLvOJLBB8uMaR-mIeLBgFSDpDF26dF-iTOX_nFg5Yl5xJKDY6I8S8iPH4RXjQFnYxNcvJL5G5Ww1Qq_z-2IRQkSsWgmRpYJsDl_ZGeBgF9T_1mXWcneNAiSHcpnVRQkvGKfFskK316j3OHHGwGTKZYvYZFVOPMfgVvFg0BjC09B5qKL_6K-4khk6lASuGrdtXTyU9lCALO3npgk5SR4Z6dHyELZdh2I4TKTOJptoraobkIZtLbPSyYPgAzcCCpz6RdIzS6HrxbAeIT854JEky5f2KDQP4iXhl8ukjckm59s1Zu39fCso7shZUgi6-hsrW9WopOUoqW0HBcRlV0P-9TuC9s840txnJYRvOov53nB3NNdMkxId8r2pvzhhC91ISSOPwSs0ZaPnOkXBa0HFCBWJcg&sai=AMfl-YTjA2KFYIdc973nmY0w9_emZ4mYP6rYNlGArjZnZC6zDY1LAfc7xOkFo9vh9UGCo2b7BmBhKIW6cnk-M_OVhaeGc8sV5QTwWH2VnBQsQm9_MWhQ5eYDYa2-BCqyJZ8J-3JwTNKaw5mI6W8SHCNa9hYCkGF1Xg&sig=Cg0ArKJSzPx0_N4Ip0nEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1471&vt=11&dtpt=1187&dett=3&cstd=274&cisv=r20211011.67965&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
8a93acd41770df562e6b15034558b1de.png
s0.2mdn.net/10774078/1632247291206/media/ Frame AD49 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1632247291206/media/8a93acd41770df562e6b15034558b1de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
6e5b59b8546c78c1b8a7683b7d6bc3784e7ea4005785f6e2ad2c40096c198f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:00:08 GMT
x-content-type-options
nosniff
age
72590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40153
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:00:08 GMT
686aaeb7afb5266ed94a8b6b114eeaed.svg
s0.2mdn.net/10774078/1632247291206/media/ Frame AD49 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1632247291206/media/686aaeb7afb5266ed94a8b6b114eeaed.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
c35a8136a3c16c52265f3931d5304c9a932b58d366218afbd031fc300efb8695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3102
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:01:06 GMT
a55888eff24d1e07395d288bcd22afc0.svg
s0.2mdn.net/10774078/1632247291206/media/ Frame AD49 		3 KB
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1632247291206/media/a55888eff24d1e07395d288bcd22afc0.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
4cd018cf2827d277a354427d936c171099fa5d2fad6cb64a670f8a7bb58b5424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
831
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:00:08 GMT
53129dad39b5c34cc29089587387d408.svg
s0.2mdn.net/10774078/1632247291206/media/ Frame AD49 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1632247291206/media/53129dad39b5c34cc29089587387d408.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
6c7e12ddef2af625e2132ca0494f7363668b3538798dffbde86cd5533e818749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1320
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:01:06 GMT
fc83f287fbe43fd0e229fc7bf762d2df.svg
s0.2mdn.net/10774078/1632247291206/media/ Frame AD49 		931 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1632247291206/media/fc83f287fbe43fd0e229fc7bf762d2df.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1632247291206/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
f7d68350eaa58944f3129909e03b7baeb6f26a58e84a3cb1cbae567639cd66fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10774078/1632247291206/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 09:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
492
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 18:01:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 09:01:06 GMT
texthash
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 		39 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/texthash
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d44dee0a0c9f45876377c99b2eb50b004ff165c7d06ae1db50aad49fa85f6a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=0; includeSubDomains; preload
accept-ranges
bytes
cf-ray
69de4c6ebb5121b7-DUS
content-length
39
B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNi...
ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/ Frame 3FC7 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
f009ec4220fd4306a2039c666b442dde20a1a93f869a5096835858390a8790d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 14 Oct 2021 05:09:58 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
21453
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.gr.19.8.248.js
static.adsafeprotected.com/ Frame D45D 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.248.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/787359/56365162/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eebdf79938702147857b839ad40eb72d15039198a7037047f2594861b34c4968

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:05:10 GMT
content-encoding
gzip
age
1328689
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
x-cache
Hit from cloudfront
last-modified
Tue, 28 Sep 2021 19:49:53 GMT
server
AmazonS3
etag
W/"5a63013af7144f483e91b9eaa7b84842"
vary
Accept-Encoding
x-amz-version-id
2gbG1pdI7EeodCyfWvQIwJrUYmsJozck
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
content-type
application/javascript
x-amz-cf-id
TzPx1vp7AaB1ycX6_vcKF8YtqY4D-L97kJK98Tofa4GEcydrMOm-QQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 591D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 08:58:57 GMT
expires
Thu, 14 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72661
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D45D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4839a7a93bcd618246824d7c455f73af72ec002b1f48ad6fe9d3d0fee4909dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 87AE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqa...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKVVotMUstM1BWRQ==&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqaCSIFzckoDBPMu8IFSkWR5FsuZwg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKVVotMUstM1BWRQ==&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqaCSIFzckoDBPMu8IFSkWR5FsuZwg
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdKVVotMUstM1BWRQ==&google_push=AYg5qPIN_pE55CZzDVHmCHFw051wVDBfMmvp7IbmiN3tbaOsegtaM2JeGNDlREQAuhnnYTQnKqaCSIFzckoDBPMu8IFSkWR5FsuZwg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 87AE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAkOkfOI2HG1oMU5xiiOooRTAce7Bs
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=lkufpz3o.v3idc2ydg
Protocol
H2
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://www.haibunda.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
access-control-max-age
600
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
69de4c6f6c2621b7-DUS
homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 		2 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=lkufpz3o.v3idc2ydg
Requested by
Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.202.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
69de4c6fdca221b7-DUS
content-length
2
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7C4F 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
21e0993849242f95333241957e64c5e8d1a720b80bee1b85a876f710b35db2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4427
x-xss-protection
0
prod_studio_01_245_configurablemodule.js
s0.2mdn.net/879366/ Frame 7C4F 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_245_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10470
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 16:38:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 73E9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGNe3eym55ZPjtWWJVSBprBuJT4WAKamHb2Rod-AKKz2izgFUv03ejDlDfivhcj-ZXQleu2SJuor355JBAYg_USfigjpxpMXBDFCXlVtmGeZxzl-KKD7KUWEphGL-o3R-I58sf_NRW90VXdWgF_VxVLpq4&sai=AMfl-YRLMcnsC9Na8U35U5Eeh7lsDUkhWuQpgGSFQNqd-qtPIYx4H2p9OASOiFuYJkhl2Vu9R1qCuF3g6sYgqJHlPYlHEDpACbG7wuY&sig=Cg0ArKJSzBpmwGH0mlJcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1576&vt=11&dtpt=1095&dett=3&cstd=475&cisv=r20211011.81162&adurl=
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lg.php
newrevive.detik.com/delivery/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2679&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=3fd2242447
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
server
revive4
x-cached
MISS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
x-xss-protection
1;mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 2813 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAfGyOvvJZmRrNP_c5PIOSOfd-Jf6jqRF1ivWLJan75XR8QiwtqaKcJcAXtVfHitjFdRtVjfYTebzXRi4V8hjSTFHX6SuhUYALSxCcbQ5lJiWdVrF_Fw&sai=AMfl-YSMZ86Q4IhKNgyVb3J4qfk3XZn-vEVA4eRcfrfsiXY7roX-iILXehnP4lszuxkh0Jnn2oncKKNGCb9qmWxEKCJtS7WL739UwHlLv-3mWQp0ttnGdYDelpfTHH5V&sig=Cg0ArKJSzLbPfi4IugRxEAE&cid=CAASEuRoTDqSBTEEBFnbotPLTwu_EA&id=lidar2&mcvt=1059&p=0,0,90,728&asp=1110,436,1200,1164&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=528661791&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634188196136&rpt=1132&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7C4F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 05:09:58 GMT
skeleton.js
static.adsafeprotected.com/ Frame D45D
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/787359/56365162/skeleton.js?adsafe_url=https%3A%2F%2Fwww.haibunda.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5db6baf3f22821eedbe7509b80eb713c.safeframe.g...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
etag
"53fab767ecbd3bf07990b10246befbd4"
age
1419241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
date
Mon, 27 Sep 2021 18:55:57 GMT
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
sdvl55u3gOf_7D0FKP3a6NB0yrIrWuHKsWzB_2QwTMnFIbSnaj9zRw==

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame F141 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 18:55:08 GMT
content-encoding
gzip
age
4788891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
content-type
application/javascript
x-amz-cf-id
uytUF_YxUpO183fCqzp3QvUu2O6kLhHzDnumxKwbRSUYu9H8ncWIRQ==
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 4B8B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 7F60 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
dt
dt.adsafeprotected.com/ Frame D45D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=1d050119-b022-306c-21fb-78cfe712f062&tv=%7Bc:qZym9P,pingTime:-3,time:331,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:278%7D,%7Bpiv:0,vs:o,r:l,t:330%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:332,n:330,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:278,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,1~0%5D,as:%5B72~300.250%5D%7D%7D,%7Bsl:o,t:330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLMX8Dk+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C164%7C171%7C1721%7C173%7C174%7C18*.787359-56365162%7C181%7C182%7C183%7C184%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:58 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame D45D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=1d050119-b022-306c-21fb-78cfe712f062&tv=%7Bc:qZym9R,pingTime:-6,time:333,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:334,n:330,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:278,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,1~0%5D,as:%5B72~300.250%5D%7D%7D,%7Bsl:o,t:330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLMX8Dk+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C164%7C171%7C1721%7C173%7C174%7C18*.787359-56365162%7C181%7C182%7C183%7C184%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.haibunda.com*&br=c
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:58 GMT
X-Server-Name
dt36.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
08182021-080434469-Support_DE_DE_300x250_300x250_ger_-_German.jpg
s0.2mdn.net/3392373/ Frame 3FC7 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/3392373/08182021-080434469-Support_DE_DE_300x250_300x250_ger_-_German.jpg
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
19c11f2f9f3da88f9dd21db8f62416d98f0699b3d840e078459b49f21aa74152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 20:37:55 GMT
x-content-type-options
nosniff
age
30723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49812
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 15:04:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Oct 2021 20:37:55 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/xfa/ Frame 3FC7 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f5f03283a2ab5031f878ceca90919fa76ea1bcd3561e8aa7cee07605c2a58b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4306
x-xss-protection
0
server
cafe
etag
9555938751654815151
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 19:43:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 3FC7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 04:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 04:56:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FC7 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 05:09:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3FC7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoj2xJxNJSqvwHXTmBqByDbved1fCvCBmHrMod3zju1-xlwhDR5t3XerKq2wtdRXuxnBtGwWJ8N6ce8zopMkJpR44QTkVIwaijBV1QggW9pXhJv1Nrn0wqrhgvjY1ygPddWxDdJEScL3RXrqfgWwx9RgZhnm9MbgYOt_1uesEAfUN5jiY&sig=Cg0ArKJSzEGCWMACm2wrEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211011.60762&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3FC7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 13 Oct 2022 11:05:48 GMT
pixel
cm.g.doubleclick.net/ Frame 591D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuzLgcEWvvwatXaanx-911lTgJvK0Y1irK_DM4-apzw8q-85nPAft48rl9Jh7BAm1PYozjCMg2xqH1MTJpxFLCsB391bgGHA
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LzE5eaoXSI-NmPLo1opjTQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuzLgcEWvvwatXaanx-911lTgJvK0Y1irK_DM4-apzw8q-85nPAft48rl9Jh7BAm1PYozjCMg2xqH1MTJpxFLCsB391bgGHA
date
Thu, 14 Oct 2021 05:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 591D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPGSRHnFOHF-rFkjbT-KNNI&google_cver=1&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdLMlQtQS1JNEFJ&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC3eBCdxPo6uMKYl724gIY4aVRqmg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdLMlQtQS1JNEFJ&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC3eBCdxPo6uMKYl724gIY4aVRqmg
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VRSEdLMlQtQS1JNEFJ&google_push=AYg5qPKGAL_GtOMwrhWzF626Fj_cVJJGyt0ZbavTMmdaeJoyufFPVJ19RvjM_R4KqieoZqBc1YC3eBCdxPo6uMKYl724gIY4aVRqmg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 591D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J85RWP76iN3oEA_HJmr3Zp7L7eCnuq1R97a-U
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame D45D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=1d050119-b022-306c-21fb-78cfe712f062&tv=%7Bc:qZymbg,pingTime:-2,time:420,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:440,bdZ:577,beA:1803,beZ:1805,mfA:2058,cmA:2060,inA:2061,inZ:2066,prA:2066,prZ:2074,si:2083,poA:2084,poZ:2103,cmZ:2103,mfZ:2103,loA:2137,loZ:2143,ltA:2223,ltZ:2223%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:278%7D,%7Bpiv:0,vs:o,r:l,t:330%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:420,n:330,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:278,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~1,1~0%5D,as:%5B72~300.250%5D%7D%7D,%7Bsl:o,t:330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLMX8Dk+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C164%7C171%7C1721%7C173%7C174%7C18*.787359-56365162%7C181%7C182%7C183%7C184%7C19%7C1a,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:138,readyFired:true%7D&br=c
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:58 GMT
X-Server-Name
dt50.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame B683 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
1899249190206554857
s0.2mdn.net/simgad/ Frame 7C4F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1899249190206554857
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 22:00:03 GMT
x-content-type-options
nosniff
age
25795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16398
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 22:02:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 22:00:03 GMT
1949322470887641419
s0.2mdn.net/simgad/ Frame 7C4F 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1949322470887641419
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
c1aea2261aa8e610ebd3af70fd71329e3a4a87e3324a69fbaa7ed1b6e0f0f8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 22:00:03 GMT
x-content-type-options
nosniff
age
25795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70066
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 16:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 22:00:03 GMT
5231756504737337938
s0.2mdn.net/simgad/ Frame 7C4F 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5231756504737337938
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
a3d6a8f0f8a8692a7b97eaa4229ba2b8175f32afd45f9cd56fb17731bea2cd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=ezX7PV44Wr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 22:00:03 GMT
x-content-type-options
nosniff
age
25795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70277
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 16:19:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 22:00:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3FC7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoj2xJxNJSqvwHXTmBqByDbved1fCvCBmHrMod3zju1-xlwhDR5t3XerKq2wtdRXuxnBtGwWJ8N6ce8zopMkJpR44QTkVIwaijBV1QggW9pXhJv1Nrn0wqrhgvjY1ygPddWxDdJEScL3RXrqfgWwx9RgZhnm9MbgYOt_1uesEAfUN5jiY&sig=Cg0ArKJSzEGCWMACm2wrEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&vt=11&dtpt=132&dett=2&cstd=0&cisv=r20211011.60762&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310476198;dc_ver=80.232;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=2857193496;ord=b1s8bk;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgExxpLtnYe2VCraQ7_UPkNioiA718sLjZYjrocn-Dfrgv6DUARABIOD_5hxgleKQgqAHoAHFiOXTAcgBCakCaPHbpmd1sz6oAwGqBOgBT9CiCL_OJFWIwSTuuxIeTeZ2l8iV0lAjgA1Rfo0c0QmO5C0FCz-ItJuuOL2tVrtcWw3EM36V2Hy2bSfSy3zYBWN23iuUJ0u2ri--rDJbXMubhgecoUfycKUuDyNuCVMmrC66rLHlki6TjgVzfG5Itv6-yMLTGbhX6tNPrcB4KGkosY5dfoh95qovwWtCOzxK215oX4elNqtCRNFZ5q1b3s2dl6Q8NOZyQQ--yxuEsh8DiARuh096yWUng3ti2w8oguRFo3nfvEslbZQQ7ILyIJd72pl6qNOj0keIoZH-v1sHRT8pm6WglcAEvvXUmcoD4AQDkAYBoAZNgAej95qsAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOptvgM0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyngnn4gHPJOhHU8rfCsxDw%26sig%3DAOD64_0uNINuiXqyx7IxCTHaZsc00C6fJQ%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-BbsF_wPzcgFjP-DBEuD-1yaxMdAaGb_t2F8XNqDyEKoKwX3eK6w5TKi-9KCD2ipVje9nfP8XZYAFw0p65untNqmqBNvTn_3jZp4zPzfTSQD0ytxwykjfiQ9qQgn-rjdc7gW2IxDqXAoh7--Gof2-xYGMZG8A%26cry%3D1%26dbm_d%3DAKAmf-CQy_i0BcDLVANFlHAQW6Rdk83TlwvP_R4Dqksweh_JLl7vNSj5cN9HPJtGHghz2x4XouBebAGgbvJhuegQgSp_kpnTf5JoCbnDi1laS3LN2c23qcShyv-tkrj5wiiX4tg6w7PHZgJ3Hd3ZKCzk2qO6y2qHdptywLI_N7YYrojxvhsjtpelucWqWhgpmQMd-vA2UrdGu_RKrXcLp2dXpRblM4E-rebzVRPyXnqhDqJKI2-ysa16KlCv66QoSADFk65ED7fRdG7ZlM1g-rap83uswljMssy0S0u_P6BkJCWFtuJLmicEfppwXNTwSNnu6fCKDGDCulW0k99ujo0Qpa5p0J0bdErA6IjMSrm8ZOEQMeqo0D7rbx7IM2C4atKGjy8K4Dc5Udn3b20mSJp9PdkotAoekQwrXG805AgcoQg_XfTRZS5CBuKB2MN-f5fA5G3c8VhhgaxCprde94oOit8wz288Sw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.haibunda.com%2F$0;xdt=1;crlt=14y-ERyknh;sttr=164;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3FC7 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
377feb5f91d5c97cddcfc601fb257b66f215016e37393e9f80bb6c23703cf8b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4488
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F076 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 13 Oct 2021 11:05:49 GMT
expires
Thu, 13 Oct 2022 11:05:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
65049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame D45D 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=1d050119-b022-306c-21fb-78cfe712f062&tv=%7Bc:qZymkX,pingTime:-10,time:1021,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1634188199146%7C%7C19cd696933d01276e0c683d0293f99d6%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C2d2d9a810e86446e8397aa37575ad996%7C%7Cc6528335b0b566044ad7b80009cd4021%7C%7C217afd47fa3d8fd75abf53d312afcc28%7C%7Ca217821b86468329e7b7cb337f62db90%7C%7C02b755feb5c1f9c2e5a01ebc4d6c4c5f%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1948,ecd:9,tsecr:215%7D%7D%7D
Requested by
Host: 5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
URL: https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:09:59 GMT
X-Server-Name
dt50.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
ca
choices.trustarc.com/ Frame 73E9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=digitas01cont2&js=pmw1&base=te-clr1-6cc916f6-ba33-42c5-8919-55a9706aa3d4
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-87.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
2f731cb31e345e9a72c731972763ddb117b2cc811c9159cac5ade1ce9b2669ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 09:36:50 GMT
content-encoding
gzip
server
nginx
age
70389
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
content-length
2469
x-amz-cf-id
awv0DG0D8V6QaynXlQZoaZ-uZNsZEIrxb3lFUzcchmx6_y0f5Ei6mw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 73E9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=digitas01cont2&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=2&c=digitas01cont2&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-87.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 09:09:22 GMT
content-encoding
gzip
server
nginx
age
72037
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
tTBEK61_LrfQz-qnPyMawkw0g8TohuR-TX5cVRPMkFI47wD8u66eIQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 73E9 		43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=2&w=300&h=250&c=b949
Requested by
Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-87.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:59 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
gAHaIAeVTKpHH4q-DKSbZW5ySFsThqnautnJnTJnO2Nhzibfu3hr3Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3FC7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 05:09:59 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame F076 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
64ce28d421e4ca69a4a36f3dfbcb9500d8e5cad926bbf3926163140e7dab0cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8531
x-xss-protection
0
rum
www.haibunda.com/cdn-cgi/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.haibunda.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.haibunda.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__asc=66b4e10b17c7d34f6ab6890d862; __auc=66b4e10b17c7d34f6ab6890d862; _gid=GA1.2.1110583574.1634188196; _gat_UA-891770-244=1; _ga_LW7SH9Y4G8=GS1.1.1634188195.1.0.1634188195.60; _ga=GA1.1.1803330638.1634188196; _fbp=fb.1.1634188195688.2120743811; __gads=ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ; __dtmids=undefined; dtklucx=gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93; FCNEC=[["AKsRol-Vr1QdkxuaoEiZHXe6xTe_cZpz4wK8_Pin4Oca-HZFVHSHz--kKzaVlbOixK597o960bE9qtMRBvZ11YmYjWNvl1IF8JYizk5G0NGK9Rkr47NwJMOKP4FBYwcefs96uTdZKHmayKVyocwuIFAPnBIPXv1SCA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634188197677]]
content-length
58077
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.haibunda.com
referer
https://www.haibunda.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.haibunda.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
69de4c76cc49fadc-DUS
vary
Origin
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 9BD0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js?31063114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 05:09:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3697 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTu7apLtnYYaoA8fV7_UP8OqI-AcAAAAAOAHgBAI&bg=!xcalxoLNAAbGFvHlxhY7ACkAdvg8WlCeVPlw7AlFv-0bx9HgkzwPrN5jA7xNqkuOIzGSdzIf0hFnbQIAAAW2UgAAAEtoAQeZAxypca3QLqMVtc-4bFWGxKaV1F11VvRvXnv6YbgveCD3ILJMvJ7os-fn_o3fb5OQarOG2Rk5OjL77csQmTbbe8fun4lDAMsoi4NQSAURsQxCUI9vhZDUfrpkbMfZhXbTIvc-v-KeCnRU24iU3vS4PlgpCMOQSBjJQX3o3Ay97OB5wT4J-f7VGPkBnjh-ZzEEnY33aV8QzMsCkJ_G22GST-T-vQblX23d-V4Vkq4wDAFLXubc3okQL--Be3lxGHXsfNLPwJZGl8rBj0uMz9h1HTz0ydUKNFlxSPi2R2d0lVHupn7guVF37cpv3E126BH_reQSa84k9zOZN_msVlO5g4Y8iJR0knCyjWgbvNrfFS230--29Zp1xkr2rbtGOGZYDTRwrL4ibFyp6Xo1vkzVeAEfYmb5sLUaWZlc47KDbLXPNakCdBcjQnaRB7AZFPGzmTTQtOzvOQ_gv0C4srhvS3bhUmkhOFWstfRkujth2nYVholQCzNmGgIobVjHE19v_37-roQPxpULNaOPOFxg75atxGZ-F39Fvl7pR8cKKJAOw-XNtJ2RQbE9geg6QQzqvZNL5SbKiKnmzYLGjIxZ86kOgAmv44NEQWLM2bReCoxunczduKja3ySJEd5JOO1rdb4DfNpSPbuBVDPRW1am5tQGI7VQ7qUbirXThLtirClMDnSBH-KNOf0FcA6HHA0Uga0DjjbPxuug_EZi-H7L7izovGYZjZXzzo1w2tzgZ4lqc5dXX4f_Cj79VeLy1WVAShmC132t4ZPQ8bFw4cpzmAvnl8R2WaU-ARzyLdKNVlNwNRmaxQ0IpnS0VYw0ISetWq0CwwmCwgldvGKEmGBk0rytBp2SMt7SGncLFn-_KpognO9MUTlaPcEkrVZj0XGFmKib6Q5HFbT97U7vIMceA2QE9957djKrGfcfcEsAYz2LDQ3zsehvzidAtHQPkG9i-EbgvYaJbL7cKOh-lq5ykONXyqa_QTRD54BHW2NBUsiDxAek3R8dQybG9mEVnFM6lbGCo3fkYmLdldI3GWdkmTfzRG49cDpnnRyDV2eL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A278 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 13 Oct 2021 19:06:00 GMT
expires
Thu, 13 Oct 2022 19:06:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 393E 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
41dbf38e2310c7bb4eeae5671e03216b85fe6ca1b5c1bb189fb671a868c357bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cmTTxBKR5DxanTnjKgz+mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.haibunda.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 14 Oct 2021 05:09:59 GMT
date
Thu, 14 Oct 2021 05:09:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cmTTxBKR5DxanTnjKgz+mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9a1OpLtnYdzVF4W73wOu-ZCwDAAAAAA4AeAEAg&bg=!j4yljMjNAAbGFvHlxhY7ACkAdvg8WhMYGzav2xuDEx1Z_IGGTj0JmrVoALpEcv9QXt-WAtpnvKImdwIAAATRUgAAAIZoAQcKAFEbPrqEj3ELVP7CxruOhxb4NvjniHj53zWHqtQ2T90H-KrUoTh3roWcJKvO122P3CbXABM4VUdAe7Y5hta3z60H1ueqfVbYRwkLcX7q6bIapbWZAvCjYOW0cHmtIzZ0rlwbAQTTIJiT-2WDU2W4dcABSGXceT7mGkN02xOvRXxuqV1MXLnH0GDpHjeiTf0ZLNCEK7Dr0TInIqN8F7XnwUA-X2CcWpi1LKJjQmhX-TnfyZk_BSt7sTgrNP8qNhj2qAOXy9sGU9ftr7VqvyXbXrh4ZoLaP1mjgGNlXg4Ht7QEJuta906xnRUCbXVJB7ijI2ulnHzVNgaPZFt3TL1ZaIRNp71G0Moo2cI-gAUqAvEjcGQlaQTgYoVxZ_wwSZ6-lIMnKEf6j-inRswP5lnlGh3pKkuAtmqx8CfZzY8EX_-kZk1xu1VdGqNRlnjuXmRv08P8CYhaS5k2RaeU8XXEmea5QpdkoM5uj0Guefy9IguPSzZR-5ZfGqsup5yFcTlyK2osTrTZGj2bOjUS6nIKpKba7RAt8GXHu5Hpc-vkEhnkfilxK-JBcMmhIaBp_cZ_5bv_4ruhpzR_VCXsmptCV87JnDQnEAq_51JYXouSsLQhJWXlGnpwKxhnsvnSXaiMfuEEWK2YRTYdhGgnVdm2lkjszqQmay6u123Zw9sd0-gb1G9CwnuV0QC_A-4d_GSjYfb_fC_HWWUbq2Avvnqqh8CIR0IbdB6H2XrazzNHDwpi5QtAlqbee6wDL2uazkxnHl0W20-Kog_UDkoJDotTvP5tYajksF4Ic8BNJoknNbhG3AOB3dioGgJYchMoT5lMw_1CmzsSYvNggybykcH65XmdPZbcj-yBTa0MYAut5nkICDGDYSqH4t3IgZ9JV1VMvLKBgtqEAM4U2_BQWicsf4chXWNtFOMsv5qk0DGHcv4Y_h9TL4m6pNO3Fb26Xv4kv5PV1o-mDwNQ-Uw1WEXZtMMwQXB3wi3IraSRWtyB7oJbNnEM-W9U8yf7ybtc-USSFPdLvP87yQ2kRXTPm8HEi6ILoQK2vQGmQ44bLbqukDcMHZDw67DMLkOl8ACYTPaLX4ryvyMmGpJyr454Qb2_7FaiVtYS_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:09:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 393E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=68723348199892&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F60 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM_d-pLtnYbrgNMSux_APnrCcoA4AAAAAOAHgBAI&bg=!cHOlczfNAAbGFvHlxhY7ACkAdvg8Whf1e45PHW-vsXJVHxEdyEFb2F1guo4F-VcrC20t9m7-SZsYVAIAAARbUgAAAEFoAQeZAxEBZSt3Ul4GhhrLn3Siquky2l717wUt600rtalFs8-eg_SWFMUNMa8M7sDHtNpRr59veDNOycyZqFL9Okvac4C4hG5NWhTgimFgMnfv5SfW2Dnj315tzsz-angcgHUsQppDt6tL_Jl6-vOvjoiA7rtNxmzy-vY2vsv5rUZMv1ijDbsAZgneBvqJ4iDfx3pUTCZBZUYnTJR43-SphSD2Stk_n2nmfy3oAxcFdkI9_xYDJPi4h5XBNuQCLuTvdi02NTdMz3ANwPG4ba8kJmUayE8xYPEp9BOAT5w8gTbcjuMCCkHxvgvmaL_-jLmRqAs3_0Ec-KtDWkquGE_IAQhrAxwPSBlafNv1muvuzn_yZ-oVuYy0i0qmGy3Wr6iPXqtaq5_PRVR5ZWxl2cGffeDtuSc6ch86B42gM0G9K9c50qtw6Cly-scBSVJQnzsG4_L-afipbmXUM0x0LS0ivuLyM8EgsR1GJUhABCGUopkg3dOViEwkdHWF4cxsQtg9VMeJAD98QuLxLr6FILR8GCqq_qpj3nz1uW6g0SuWWCVdxZ-Kg2qkP1502shRPSRxvP57qd49AdvNKMbaR4nPOBi4F2bLMbHiRdopSS0DhdMbOi6fPVl-364A2O9AV7aqkhQGzig0KkAl7hd7PN7JSsOk2VSiUDsLoIaCnfgrSZPWC1cGt29DCKqPBVhaM1g2-GKDs2jbPMRrU5F1vBNs9KPmGkFED1DwGDsV42br1yNizvbT7ayQHLM48jrvHoym_RAM4pN7tjOZkIYvY-8rfeSx11DZE1P6WtcLraDEYQqdOpHm5p0EDu7rQ9Zdfb6Y7T1d9c9QMJY3asU2_maGYZOFT9te0QD6h1VOccpFl-ckpVOaHiPza0JGgyxBYg2PqrxORplgHCCP6iHVz1EcnPHLyKbsT7jzCvQM1OIoL2rz67TF0xgONzcz0TLjmg2HDVdnDAChAQKH_YMZVnJ05d4MA5JrmzIaEnmHtaOuhuMAnhRBykl8ab4G_oUGWiL7iC61-e2LAB8XPll_9mWqR9_7aVCEKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame A278 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
149326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX86qpLtnYbXcF7bO7_UPneyE4A4AAAAAOAHgBAI&bg=!NzSlNHDNAAbGFvHlxhY7ACkAdvg8Wu8yPdo2vgOIG03U2N2hz3Tatv2N__M_faOfnYQhSAtZ5g7FtAIAAATAUgAAAC9oAQcKAFPFqAWSWfrjElkX-KE4Y9jWlyWv2TPdk83pDRMjWeRhAiwMLMKVq_yIhOzSeejl6mLone8AG4GJ67SqZ51bJoAGFXDe7aUahuaZkMoiM5IrYtGbSZkDFjkS65z_3Xon0lN1Jre6bUvugYp2U-9K435leAJhB6p0dxo0kyODTwhrStL2MVrOC37BvJumEXxCbjYki3IkZ-Ww8hdxV33OMvMx2Gksx5TO_cYbWZ0ifYlmKqhCgVgYnRP3-UY3cnfgnf3awDSGmTgmHH5XK3_Zq5344R7bb4iWtRSHfaBPMyhS5tmcbDEYG6TtuLt0TlIQZsOL7GGn9a1mm6zImwYVEQ6F8KnIiaOww3QrXwrgXRbzcIlEYg4A-iMbF4g1ANiJGmDzamyTEunPeACIwJINCH2VNI4M0zXH_5Hzp_nnWXNptjUzUPFV_Qb_As1RqqK_DBghXGRIf5YWIul4DTD5lOXrbN_w-WmMpO2UrVZ4NmVGcGO__f7r78h5snbG8qZaypSXdAODNc2q3DN47z4Dz8fiBqg3UM6qV0rtI5PdwgBvJTNmnSYbz4EOHrlupQPE9jYlDujFJjvQRTBzWOX-khF_f4gnE04ii09b7SWZ2GOfLlNEU1Fy7mqujTn7G23VlViMuca3wSr5AyysWjgx1XUZRhhDeBMucCfBb2j1cCydptNzFXdDPo3hkwUnL18kJ8SfYa0AEBiyzAZrvDNAjOLUy0Czvi3k6A1udHYK2pxHt5W99NchzukXIavY6F01hGfXySG56O4h_HWN4VZY-0D7_4EA95L1O_b-_KE_lzcDw9XkDcpk1ThDkZpRmKNYsqB7ZbDP4JshVUTt_1iA-ublIVkaGExtoNGQJBkzxM2ZwHzhd-CYMjztvH0lg-wj3H9_sp_hdnSNG_HeJQX5In_oIbq0kmGeKL_N0pS60sTa-xViFT7Y5A3c5XbbhKsRzPCYqM9ZjweDDYiG2j9iAkNnVrYbsazHnytpmq6111k39yDekVtJhkJ7fUVFLEj3OaqkN5s5zFWYQl9NnGgIClMuS2VdRcO3DzY6R_zKhdav7KWCxtGUc1GJd_vKC3UEBYUUmxkV0gmfuS9-WUa4ABU4FoAiz-AV4u48EaxtcDKXpPeixOhLIEhgqrqodS9LGLw1pGTrsArpBN-0BUI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F076 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQG1pprtnYdvtEtSz3gPq_5KABQAAAAA4AeAEAg&bg=!GhmlGV3NAAbGFvHlxhY7ACkAdvg8WiJTkLsvFugWb5nSau49-OdCjqdCOsSaH1yJqznsk0upQQBrqQIAAAJhUgAAAB1oAQeZAx8GOf3vpYB9yW1I5bbv5wJKroIcqN_h6yFvk6tuNeUmqUB30clfzM-vg9GXWM2zgWBNlDFQOUpls_AYbxYcCvAypPZ8ZTljzCpD6Io7V8EUdcbo_9euaFeao8QXmsCDVM0zfIFYnbj7W7hcuCiTAICpWfaUv_crZaEh8qEVEuDd85lIIMioJmF6hDtxhKh3akq9M8dr_1bFPAHW_8s6sP4ohT2iMnDlBGmq9wgSAWd79igzxmTIkRTVd_m9vdBpdEmcOn7qFNSUKRkk5gfURdsB3TEV9ez2dpkaWhF1XlsCzctkm6DzYVi6cowASD0MSf8-GEac1Q6cqCB4MH6p188e6FFhooZbHQdzF_nv_FL7bP_3RhRwOmKHCsSJZTZIRr4kcn3roc0KTUaXmmM_rBiCZnH5vOiZOrqX1WkkcybrFTiKySffg4dFjV0PV9SHihx7W6j8ptzA-elkkHBkl6ednkB1jAdlKlzwZWrPEuoHM6PiyBHYriZz7dn4TVQ5iJmf0XJi_dJa33J7jWVO6H9YkagIyqh34MEmee4JBZKVXTO7I0WypQ7oE4F6QRO57jElEkLRFdwx-GRbaB3vd2k8VlljMX8gIRtzbTDG00gDfd76TeX397mnt_sO7OFgOH-5_YdyHp_BqNGjJ73HH2-Oqob58Q6iU-rzrVHNoW16TbE4BFLeKSgmtES9iTosmqG28cGK634jRFaMxY47MKH0guKaX-ofzM_idLZo1Rqw4qwRfFbVPpU0Dg32C4YnxnJUQSp98amH5EI48EaLftcRunotn4wJbiNpXYl5CKa_2pq3ME2rTza5BHzfxn0AGOOaH_Vbxu_6htiL8tLdLSVo_G2Fh4qOGNB-C51Rm9TpH2e6EVnP78s9ahi63CCywba-FQoVtGMKJ2hzMVW0jJc5AC3qq_7hFiPCbTOtFKayKo8EwNyhvJ_RAmmzdg4Hs6JTtBaT6D18njG_zXl1jDa4j1i_j8lH0ze3IhYICReKC7_zVTY-6u8Mj2OrDd0L4_KyEHAvGTJgca9sbeV3P0qsOa7HXKVHwzBAhHU-achb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=1&pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by
Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
25efc82b82c5d8bcd5cf3711a2b91ef609b6c4e207f17e39151a5c4628ff4599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:00 GMT
Content-Type
application/javascript
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
0
sync.1rx.io/usersync/eyeota/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/eyeota/0?dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c7d34f5d2-3b700000010f4cbc&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=17c7d34f5d2-3b700000010f4cbc&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm...
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=84845405550385095110125245531547188001&referrer_pid=mli4m40
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=6j5b2cv&uid=84845405550385095110125245531547188001&referrer_pid=mli4m40
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:00 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

DCS
dcs-prod-irl1-1-v018-04f77650a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
hbepf+++S/Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ps.eyeota.net/match?bid=6j5b2cv&uid=84845405550385095110125245531547188001&referrer_pid=mli4m40
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40&_test=YWe7qAAI7FA6DAAR
  • https://ps.eyeota.net/match?uid=YWe7qAAI7FA6DAAR&bid=0rijhbu&referrer_pid=mli4m40&_test=YWe7qAAI7FA6DAAR
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=YWe7qAAI7FA6DAAR&bid=0rijhbu&referrer_pid=mli4m40&_test=YWe7qAAI7FA6DAAR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:00 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634188200.484867,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://ps.eyeota.net/match?uid=YWe7qAAI7FA6DAAR&bid=0rijhbu&referrer_pid=mli4m40&_test=YWe7qAAI7FA6DAAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
9.gif
id5-sync.com/s/123/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/123/9.gif?puid=17c7d34f5d2-3b700000010f4cbc&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:09:53 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40
  • https://ps.eyeota.net/match?uid=5318835689156733492&bid=2cr76e1&referrer_pid=mli4m40
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5318835689156733492&bid=2cr76e1&referrer_pid=mli4m40
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:00 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:10:00 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ac2169e8-923e-4974-bea8-8d411dfd96ac
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ps.eyeota.net/match?uid=5318835689156733492&bid=2cr76e1&referrer_pid=mli4m40
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=68723348199892&bg=!jY6ljsrNAAbGFvHlxhY7ACkAdvg8WmHWUbev7R_8Ei7V0hvWYhDhuKf_JERGSB-FJ2vt0B25VkWnkwIAAADXUgAAABJoAQcKAF-XGivGJ7BLoX1JbPHI72EAwZE8_NJIswSNGtfd0Nt1pE2QKseLCMyJ8NmxtRE54L-z1OZyCPAmXY4Cn1vj4AsrFaq_nLwBika9XZgrdnncsBs3xtxLiEZxspoxUMNdxZkCpMOKZ_O9n6MiGwkK94CXp5C3jMKakPt3aBvZPTP-D_Ut1NfNAbR4_u1JJ51Vw1d74uzA6UDDiYDrMWfLSivGYafgePbUKa-JJZ0R_PO0nM9TZSIOBoUOapqlx0vVZ19iMGeuY_Oo2cPsUxqZuwTcSEjNxIlPlyfhzTKLOPvdLFYeudfzLTo0e6fVssaKb8Elr1z2SwVcqUFvCBW_NKwYFH_W9XjsBrvNmra5JyUN2I2GusFKpklr5khwLqqE077ZppDY2ALYYFFXPNwpEDIAfP58mVJzecKmWlTxjKYD2OEuBzwFe547G1y9NB_YcF2A-Fzhn9hWOQh66l83TonYxQWQlT-h-WEZRvvIvLrnoO2eJMqjWUcHxGzgOrTqRA4rvF_VQNeTvep52fBVN44mu6riaUuWBvWJjK_4ZxO8s6B1A3n_h7oleiwSN9-0l3JGHjJWmEy6dVIFsRLX4eNWGT1dY2ODxJxp46Xn1LLiyTi8FXL20WEpmF-oXF44ioggtbGtuWYl42JlZ_6A6716U4WbK9qnyyRTi1KhWryphu_Z7LjwCaU2FLcBY6R5szkxMNAzSJob-Ec91QZy77Otv2nZN4Ni2nVVOIb_4vDuWCN-MgnrgGMulRsUNcTIPVdgFI_Pxd2lDIK5kChLfnqcbmbI8FzzeTAQ02e1Kk-QQ7VWVcQRbbc5sG1K3NP1hcWsGrC7dBn8ObRWRBj3CXKumzAsfCxTEHl2OVjYravUBQMxllrRjkvyPrl8GfPBAYA3uNya351OBhcy0ZZofk9YWCMtY2zx4SVe6wTq66cAnSGO5u5p08VoxB94qVrDdT8yLJIKLTjMvinzszzUJyad_SguC6BX0cLOS25T1gtR1zcvMCCZqfIoG0DwHfPlW-_e0HBSjms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kuqhgiqs&ctx=0&met.9=1.16y~13.18z~2.1b9&met.3=112.2bg_2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.195.3 Bluffdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
atl14s64-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haibunda.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ 		982 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=2&pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by
Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?e_rc=1&pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
249ba1468287d4748694cf068730ce358664c2cfc5c097f0b5937066151bfbb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:05 GMT
Content-Type
application/javascript
Content-Length
982
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5108559721294392773&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5108559721294392773&bid=omt9pi0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:05 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5108559721294392773&bid=omt9pi0
Date
Thu, 14 Oct 2021 05:10:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5039&3pid=2LIl6oiuZd0iXH4T5SrtvXAnFzkfqgNQ-v-yRDE_weF0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 -, , ASN (),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Oct 2021 05:10:05 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1009
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1009
  • https://ps.eyeota.net/match?uid=1261105975588933098&bid=9gdtmu1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1261105975588933098&bid=9gdtmu1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 05:10:05 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:05 GMT
server
nginx
location
https://ps.eyeota.net/match?uid=1261105975588933098&bid=9gdtmu1
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
current
eyeota-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eyeota-match.dotomi.com/match/bounce/current?networkId=41703&version=1&nuid=2TcHwJdYEspOkB4cwphgpDth2fzGzIjYgaPX9pKWKcwI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.137 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 05:10:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
b
ads.scorecardresearch.com/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/b?c1=9&c2=16937916&c3=2&cs_xi=27DlocY6rn1f1kO1aIXAOr1Smy4mKU1dvVSX7uz_4hOQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.haibunda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:10:05 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
k2u0sDCVDyuM3pm2HQBUbQkhnuexGsKxSFnGAfUG8bapAmb_KI_qWg==
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kayumanis.detik.com
URL
https://kayumanis.detik.com/api/validation/
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| dtkGTMDL object| e string| contenttype string| val object| dataLayer string| EO_SUBCAT string| baseurl function| _pt string| id_revive function| extCheck function| extTagging function| create_ins function| getKeywords function| dtkRefreshBanner function| refreshPositionSlot function| refreshSlotDfp object| dfp_keywords object| googletag string| EO_PID string| EO_SID string| k number| c object| h string| EO_CTG string| EO_AGE string| EO_GEN string| curr_url object| arr_url object| notin string| sc object| js function| Vidy object| spotxDataLayer function| __d3lUW8vwsKlB__ object| _taboola object| _comscore function| onLoginClient object| TRC object| _tblConsole undefined| msg object| COMSCORE function| udm_ object| ns_p function| eyeota_callback function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| google_tag_manager object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc object| ZDllNzBkNjgyZjI2NGIyN2xvYWRlcl9qcw== string| ZDllNzBkNjgyZjI2NGIyN2NhY2hlZF9qcw== object| __fcInternalApiManager string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| ggeac object| google_js_reporting_queue object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _atrk_opts object| btn object| btn2 function| setCookie function| getCookie function| checkCookie function| stickyMR1 function| stickyMR2 function| JQClass function| Sortable object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ function| atrk boolean| _atrk_fired object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gpt_mediumrectangle1 object| gpt_mediumrectangle2 object| skyscraper string| newsfeed1 string| gpt_balloon object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| regeneratorRuntime object| JSON3 object| imgLiquid object| firebase function| __extends function| __decorate function| __metadata function| __param function| __awaiter object| config function| requestToken function| sendTokenToServer function| sendTokenToAppsDev function| isTokenSentToServer function| isTokenInCookie function| setTokenSentToServer function| requestPermission function| deleteToken function| getCookieNotif function| resendToken object| closure_lm_612539 object| ampInaboxIframes object| ampInaboxPendingMessages function| setImmediate function| clearImmediate number| myRefreshTimeout function| startRefresh function| stopRefresh function| isOnWP function| isBNOff undefined| warnJQueryUndefinedStr function| MD5 function| M function| X function| V function| Y function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol object| detikLiveUserCounterResponse function| purl function| Cookies string| result function| nullLB function| nullTB function| nullBB function| loadScriptAsync object| scriptLoaded function| checkBannerAvailable function| onYouTubeIframeAPIReady object| detikConnectIframe function| gCallbackFunction undefined| gTokenMe number| lastMessageEventTimeStamp function| detikConnectAutoLogin function| onMessageDetikConnect object| __cfBeacon string| connectTokenUrl undefined| _ddomainhash undefined| _dvisitorid undefined| _dinittime undefined| _dcreateddate undefined| _darticleid undefined| _dkanalid undefined| _ddetikid undefined| _dcustomparams undefined| _dextraparams string| _dSUBTYPE_WEB string| _dSUBTYPE_MOBILE string| _dacct string| _dacct_sub string| _dwv string| _dgifpath string| _dhash string| _ddn string| _dtimeout string| _dtcp number| _dtitle number| _dsendtimeout object| _ddoc object| _dloc string| _dcookie function| detikTracker function| renameKeys function| execution function| collectData function| processData function| sendData function| _dGetCustomParams function| _dGetExtraParams function| _dConstructMP function| _dFixA function| _dFixB function| _dDomainHash function| _dDomainPath function| _dHash function| _dGC function| _dES function| getCookieData function| setIDs boolean| ids object| newKeys boolean| 01692919-94c4-4412-bd13-9b0c07613821 function| vpbjsChunk object| vpbjs object| _pbjsGlobals number| google_srt object| _google_rum_ns_ object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.eyeota.net/ Name: mako_uid
Value: 17c7d34f5d2-3b700000010f4cbc
.eyeota.net/ Name: SERVERID
Value: 19644~DM
.scorecardresearch.com/ Name: UID
Value: 1HISUFWHG9NECIRICXZCZTg1634188195
.mathtag.com/ Name: uuid
Value: aa736167-bba3-4400-a338-84efce50bcd1
.adsrvr.org/ Name: TDID
Value: 9d958f07-ad96-4b23-b55e-5b5921b4530a
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiskKX68raHOhAFOAE.
.spotxchange.com/ Name: audience
Value: f8688d49-2cac-11ec-8fb6-1ee5b9e10406
.doubleclick.net/ Name: IDE
Value: AHWqTUmgDdcQualuJNDbbCOvrL1wF4bpbS2S9GUoeSI2Jocw0oq0zUXFVv4p2pYylR4
.haibunda.com/ Name: __asc
Value: 66b4e10b17c7d34f6ab6890d862
.haibunda.com/ Name: __auc
Value: 66b4e10b17c7d34f6ab6890d862
.haibunda.com/ Name: _gid
Value: GA1.2.1110583574.1634188196
.haibunda.com/ Name: _gat_UA-891770-244
Value: 1
.turn.com/ Name: uid
Value: 3921684288155743935
.haibunda.com/ Name: _ga_LW7SH9Y4G8
Value: GS1.1.1634188195.1.0.1634188195.60
.haibunda.com/ Name: _ga
Value: GA1.1.1803330638.1634188196
.haibunda.com/ Name: _fbp
Value: fb.1.1634188195688.2120743811
.facebook.com/ Name: fr
Value: 07HxMDty0iLStZuGK..BhZ7uj...1.0.BhZ7uj.
.casalemedia.com/ Name: CMID
Value: YWe7pFB505cfGknj8uCgeQAA
.casalemedia.com/ Name: CMPS
Value: 3218
.haibunda.com/ Name: __gads
Value: ID=1c3eed9ae069ae02:T=1634188195:S=ALNI_MaQeoHkgOQaHxYcgDhMC06UJRvZGQ
.adnxs.com/ Name: uuid2
Value: 5318835689156733492
.casalemedia.com/ Name: CMPRO
Value: 1105
.haibunda.com/ Name: __dtmids
Value: undefined
.casalemedia.com/ Name: CMRUM3
Value: 2d6167bba42760CAESEEVvzS_9XaS7Xro27eUj17k
newrevive.detik.com/ Name: OAGEO
Value: US%7CCA%7CSan+Francisco%7C94124%7C37.7353%7C-122.3732%7C807%7C415%7C%7C%7C
.openx.net/ Name: i
Value: 039d116d-3243-4c0a-a31f-9a7e53e63b87|1634188196
.haibunda.com/ Name: dtklucx
Value: gen_c8fe0bc5-ce79-5c4b-db27-4856f837cd93
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMST
Value: YWe7pGFnu6UA
.blismedia.com/ Name: b
Value: 6167BBA58C8E6BECCC4121E5BLIS
.lijit.com/ Name: ljt_reader
Value: 3abf4206829fcdf9d480e5c1
.de17a.com/ Name: guid2
Value: 1.4682675689524965127
.yahoo.com/ Name: A3
Value: d=AQABBKO7Z2ECELd7Y_m1v7FsK_SwHl7mA5gFEgEBAQENaWFxYQAAAAAA_eMAAA&S=AQAAAneyxAVUm2dUu1whUgRTkQI
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2F313979-AA17-488F-8D98-F2E8D68A634D
.haibunda.com/ Name: FCNEC
Value: [["AKsRol-Vr1QdkxuaoEiZHXe6xTe_cZpz4wK8_Pin4Oca-HZFVHSHz--kKzaVlbOixK597o960bE9qtMRBvZ11YmYjWNvl1IF8JYizk5G0NGK9Rkr47NwJMOKP4FBYwcefs96uTdZKHmayKVyocwuIFAPnBIPXv1SCA=="]]
.haibunda.com/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1634188197677]]
newrevive.detik.com/ Name: OAID
Value: 69415dd316e8624be973d52bdf17b756
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWe7qAAI7FA6DAAR
.demdex.net/ Name: demdex
Value: 84845405550385095110125245531547188001
.dpm.demdex.net/ Name: dpm
Value: 84845405550385095110125245531547188001

5 Console Messages

Source Level URL
Text
javascript error URL: https://www.haibunda.com/
Message:
Access to XMLHttpRequest at 'https://kayumanis.detik.com/api/validation/' from origin 'https://www.haibunda.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://kayumanis.detik.com/api/validation/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.haibunda.com/css/ajax-loader.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.haibunda.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWe7pFB505cfGknj8uCgeQAABFEAAAAB&google_push=AYg5qPLrJ6Zci2v_ovOjXMu_E9hsbnNDwtZfcxrufbWE9f4jfo2cAqQCn9jSfBXA39Ni4M0ixZK7mbEK-flRUI6pd_5oswnUQzASdw&google_gid=CAESECYyz4RuG6o8hzp3rR334-k&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security "max-age=31536000; includeSubDomains" always
X-Content-Type-Options nosniff
X-Xss-Protection '1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5db6baf3f22821eedbe7509b80eb713c.safeframe.googlesyndication.com
ad.doubleclick.net
ads.scorecardresearch.com
ads.yahoo.com
adservice.google.com
adservice.google.de
akcdn.detik.net.id
analytics.google.com
ap.lijit.com
api.vidy.com
bid.g.doubleclick.net
cdn.detik.net.id
cdn.haibunda.com
cdn.jsdelivr.net
cdn.taboola.com
cdnstatic.detik.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.detik.com
connect.facebook.net
csi.gstatic.com
d.turn.com
d5p.de17a.com
dmp.adform.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eyeota-match.dotomi.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.detik.com
kayumanis.detik.com
match.adsrvr.org
newrevive.detik.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
static.vidy.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haibunda.com
cm.g.doubleclick.net
kayumanis.detik.com
103.49.221.102
103.49.221.172
103.49.221.173
104.16.89.20
104.16.94.65
104.18.1.84
104.18.202.4
104.244.36.20
13.32.29.129
13.32.29.2
13.35.253.107
13.35.253.71
13.35.253.87
142.250.181.226
142.250.184.195
142.250.184.225
142.250.184.226
142.250.185.162
142.250.185.174
142.250.185.194
142.250.185.195
142.250.185.226
142.250.185.228
142.250.185.70
142.250.185.72
142.250.185.97
142.250.186.130
142.250.186.134
142.250.186.66
142.250.186.67
142.250.186.98
143.204.209.31
151.101.129.44
151.101.2.49
157.240.20.19
157.240.20.35
172.217.23.110
173.194.76.154
184.31.88.106
185.29.134.244
185.33.221.52
185.64.190.78
185.94.180.125
193.0.160.129
2.18.234.21
203.190.242.102
203.190.242.172
203.190.242.244
212.82.100.182
213.155.156.181
213.19.147.44
216.58.195.3
3.122.214.165
34.249.16.8
34.96.105.8
35.227.252.103
35.244.159.8
37.157.2.236
44.239.69.74
46.228.164.13
51.89.21.5
54.247.138.82
64.158.223.137
69.173.144.165
72.251.249.14
72.251.249.9
76.223.111.131
87.248.118.23
001d81224ef63263b78bef8004b51e2f23453c0832e67955f1e8012e366a8a26
00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089
04dbad6e437e7cbe82519a875b4e909246fb0fc328fd67582279ac675ac0f3e0
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
065c9eac1ba00b9849c2a9f96e1d9998674a6eecb2eddd1aa74e38f1fa03869a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c5c2c5ceb7fadc463aeeeb7a57d23f13befce6c982b9d573281a94ba5391ce0
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
109b90efdf7f8b83f9f4c8fc2fe3a857eb697e85ab0188aebb5fc4b45a8d7475
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea
179953b4bf349ab70636404d5e9f23e72b9d290013c8fe4fb104b6612f9cf0c0
19c11f2f9f3da88f9dd21db8f62416d98f0699b3d840e078459b49f21aa74152
19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
1c7d2ae52ffa906c1ef4f19b00b4ea83f983cb04a546ab7da56af735da9b5d3b
1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6
21e0993849242f95333241957e64c5e8d1a720b80bee1b85a876f710b35db2b3
2316b14ef293b691445698de141a8bc32881e5f7c050d80a389022b842a575d5
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315
249ba1468287d4748694cf068730ce358664c2cfc5c097f0b5937066151bfbb5
25efc82b82c5d8bcd5cf3711a2b91ef609b6c4e207f17e39151a5c4628ff4599
283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111
29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f
2a77abe7a0d038971e13c9601e4163ea7151ca08a59d1fac8a3e3b79139c5efa
2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2bebd66fa14c28326d3bbeed6f458b834ff39ca2530282bb42dad895834712db
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd
2f731cb31e345e9a72c731972763ddb117b2cc811c9159cac5ade1ce9b2669ba
30b7d25315b2e970c9ab5fa13337193baaf4bba0536f69de82687ed6f261cc78
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33c557b7cbd41f51e27cc2feebf5302e9efcb61e5a49848bd1287a8d71b205a1
33f66b0a888ddd15b3125ff82c043a8d503aff0ee0452b410cb034e2f8e59f03
3441c5afb4d1bd03301a3443bdf1341b0c4b34ae7a36a7056048db6674f81b49
35d44dee0a0c9f45876377c99b2eb50b004ff165c7d06ae1db50aad49fa85f6a
373d4cc96c29b21f3ee2628fadec8662a7524ea9120546ab251b56cd028ce2af
377feb5f91d5c97cddcfc601fb257b66f215016e37393e9f80bb6c23703cf8b8
382b616d928b60c74bd54cc04a05137230a2bf597695cc1a240e3153215c298b
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3b726b81d83981219300f256c6124872917a5af37d0373b430a4fc81ad806e4a
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080
41dbf38e2310c7bb4eeae5671e03216b85fe6ca1b5c1bb189fb671a868c357bc
44a5d16e00aafe0d9261398da498d17cf0fe09abf7409577a351667b4f54d80a
4537ca040455ce1cda73f9c4bd7cec8456c5b0836cbff00f41b7fdd6cbbe8c2f
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e
466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781
4839a7a93bcd618246824d7c455f73af72ec002b1f48ad6fe9d3d0fee4909dd0
4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632
4847ba103f5eb7d917279c5836d06f7b27809e35a1db90a51726e5652ba5047a
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
48ea034f71c76941fccc590dcccf15d96bc08420a08d2888ab94548c3e271c61
4a77614060eb8670d30a48ab8d490772854632ad11259a8f0c0bcc019d44b26c
4cd018cf2827d277a354427d936c171099fa5d2fad6cb64a670f8a7bb58b5424
4db4865c38493fce073e6be0c245928053ae5a6e31fd69f3a668f1c3a60eca9a
4df8a16f99fb02290855b373aff0add9ea8bed5b2a19c005e823df0b98c0e7f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640
4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
519f36dfb169cf61d16bab3b2e62107657910c4daa039cc3692d7b9e6a9c4a6b
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56e62384c9295d26c070cd4f6e326fbd2a3d4bb46f733bc30ad6c5692f03575a
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4
62867eb9be3a6f0b1386078c28284c2bc90bb6aae3b05b26b0e2a4e043d06189
641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422
64ce28d421e4ca69a4a36f3dfbcb9500d8e5cad926bbf3926163140e7dab0cf0
6564ff8dd8458bbfac2b6cba30d04e3edc702faa2a69bd402d15576e31b160ff
67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6c7e12ddef2af625e2132ca0494f7363668b3538798dffbde86cd5533e818749
6c84aaf9164437c7c985e619c3f3dc82c38ec9ef79ccdcae3587ac406a2dcae3
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
6e5b59b8546c78c1b8a7683b7d6bc3784e7ea4005785f6e2ad2c40096c198f2a
6e5f9ce036d94e198274025cbb9004e22c91d730a57943fb634e12e15f9cf28d
7028fee6a765b09d3d7fe0ab196f0f12197bdc667135aaf7a76271ec62939ac0
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8
73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f
77cff592ac027370de6581af2f41b94988d35b9453b8a8d3b738948d8f21eeec
783777537ba06ffff7b35ab529a38d1a090a7b4202e7c52762b2a24dc1a44753
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
7c968a51f9a55a3afd87dbc9abd78a95f43dba240c508e28324d92211679a9a1
7da1fcac471eef864205c27bfb83a14bbe292ba6aa29bb87fc095ecdccff9bc0
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
84ac61489c1f02ebffc3ad3dbaf74424a7dcdab4de336b50fa400512f78905b3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22
856da369b5760a486d9b07f839f498bec08ac2cbf160c9aaffce4be21b2372f7
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
88bce0a743b44a1afe408f0d8e90d1d04fdf664ed59ae39ab2fb0b15fabc6c73
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
8d9199b794a988969d37ae713e7a0cb5836b835c6f1ebb81df8bd2ccdfbbc128
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d
9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818
942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2
94c5c8b3ad3d42a16f7d354e09c0f497c8c9cdd25aff3ad0c8c61abb4180fe7c
9522a675df401dee461e5cc1e6db60342da8747a0335442f862f45a75e4dce19
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
96599bd39102b2ec5a0c7a166a560e76000b104c855d23d8859dc14b253c2f78
96bd5a93f153bb1df6cd878a66bc4a5c222dd1d13adf3898ff88b06ef2ba72b9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4
9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb
9a878fe7ce38e605ae9f4f5f5f9793387031316d7cbea9d4f329a2c1bce1b24b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9baca59ba166134033ba09ce7ce746b1f19292b21d141a0514bb98dd45aefa22
9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0
9d9aaffbd2cfb2e92028bd7708f759d9a89d26133b85d68db2676366670765de
9db0bdf54d9e2a1a6399d0ce08e21871f4a030e452364f98be7078c140601cd0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3d6a8f0f8a8692a7b97eaa4229ba2b8175f32afd45f9cd56fb17731bea2cd2c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf07d6d4bf8faeda179ee61aac72edce4aaf39c688a3e24aba0df52dd851df
a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3
a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b
a57b6024ed8047c77fabdfd4ade936b8ecfb56b673b4d016a155e8340fce65e2
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9
aa1a2ccc694d4b92241fba3d2e041394933d9c70e6236181b5e35ef1043aeeb0
aa1f9650cbaa2acb2488585410c14462eb99a632505382252bd65e75ca9a6a78
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
af3a3f6b22952e657ff98e3a40b63f58f9f7076f6f018e452ca98e2dbfe85dda
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe
ba0519c64ff7534f0f88226feb2dc73d05fb73b6355dd09281a8fb8ff4c3b57f
ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f
bca2e82998f0b395c63b3f1f967aec6488c57227320aa36b20e2d0caf5696239
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19
c1aea2261aa8e610ebd3af70fd71329e3a4a87e3324a69fbaa7ed1b6e0f0f8e5
c1dde0b7a3aa7504eabe806091dec8f8d930cc87d2bdfc4e24284d7ee6f8d92b
c35a8136a3c16c52265f3931d5304c9a932b58d366218afbd031fc300efb8695
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
c6bba45eeda50b4fa0ecc7829d3a677f5b555dbbb8b2eebb27297bd0911f95a0
ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16082a25d05eef83257ab59d8cb1f7c993ed137ba1c9c46fb43151850208976
d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72
d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7
d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427
dbb791f38ce0f0ac85eb946f0a6d92ffadc5ff94d8f314831f8b768d7994a4ca
dbd1b5b7bfb1b567e8a82c1897270ab2a6a956db02c31bc583f3e04b88c027cd
dcd5c50c7fa8589fb213d6bb5d527f38375a62721b13da093b05a69e6579225c
ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df324cf99cbc625fa43f78407ff343a898086a912141da1396ba334a42d2774c
e0882f7de221cc2984512973b7e465149c3603a242cd635a22a7bd88ec94fb16
e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2bb96ba8c0235c8edc63ca18df0e08d7309a2f2e8fddedd954a4101f1926ca6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5
e6ef5a4360d3d730d8eb5b1d71006a6d8c050e0f8f329b5ed01e47d51a4cbb6e
e857e1d16831ed7b4062e04ed3b0fe4a4fc19fd08247262f9606af84d427d404
eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555
eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472
ed335d00f40004ed4c60d31939670a02e27ada8a49df0b5c683859339b2ee1ea
ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784
eebdf79938702147857b839ad40eb72d15039198a7037047f2594861b34c4968
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
f009ec4220fd4306a2039c666b442dde20a1a93f869a5096835858390a8790d1
f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f
f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf
f3c849d552d34dff3a933974de7971aa7a9ce58f4cfd09ff5913db755ea98caa
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350
f5f03283a2ab5031f878ceca90919fa76ea1bcd3561e8aa7cee07605c2a58b81
f7d68350eaa58944f3129909e03b7baeb6f26a58e84a3cb1cbae567639cd66fc
f8734fbb48dc502c414b373382d19ef317596ec98c2c03f56dc42185810a1798
f88099ba509ed744afae8a295837192554f15a979d242baaf6ec574823e023b9
f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b
f910f1c8bd60acf750e371ec208651b3096064c2bab465b1fc4fae27072d71dd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e