URL: https://162.55.38.158/
Submission Tags: krdprod
Submission: On January 17 via api from JP — Scanned from JP

Summary

This website contacted 47 IPs in 11 countries across 48 domains to perform 97 HTTP transactions. The main IP is 162.55.38.158, located in Germany and belongs to HETZNER-AS, DE. The main domain is 162.55.38.158.
TLS certificate: Issued by R3 on January 16th 2022. Valid for: 3 months.
This is the only time 162.55.38.158 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 162.55.38.158 24940 (HETZNER-AS)
1 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 172.217.31.162 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 192.99.8.28 16276 (OVH)
1 51.161.15.92 16276 (OVH)
2 51.89.99.21 16276 (OVH)
1 13.225.174.126 16509 (AMAZON-02)
1 13.33.210.128 16509 (AMAZON-02)
1 13.225.174.15 16509 (AMAZON-02)
1 13.33.9.79 16509 (AMAZON-02)
2 4 209.191.163.208 14744 (INTERNAP-...)
2 2a03:2880:f05... 32934 (FACEBOOK)
2 2404:6800:400... 15169 (GOOGLE)
2 2606:2800:248... 15133 (EDGECAST)
3 99.84.128.72 16509 (AMAZON-02)
1 138.197.56.196 14061 (DIGITALOC...)
2 23.10.5.240 20940 (AKAMAI-ASN1)
4 4 141.94.170.64 16276 (OVH)
2 3 15.197.193.217 16509 (AMAZON-02)
2 2 3.114.95.219 16509 (AMAZON-02)
1 8 13.228.181.101 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 172.217.175.66 15169 (GOOGLE)
4 52.220.230.137 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 1 161.202.200.118 36351 (SOFTLAYER)
2 209.191.163.209 14744 (INTERNAP-...)
4 4 52.0.142.102 14618 (AMAZON-AES)
1 2 35.213.12.39 15169 (GOOGLE)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 104.18.100.194 13335 (CLOUDFLAR...)
1 104.244.42.200 13414 (TWITTER)
1 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.75.146.161 16276 (OVH)
1 13.225.174.47 16509 (AMAZON-02)
2 2 107.178.244.193 15169 (GOOGLE)
1 104.16.111.154 13335 (CLOUDFLAR...)
2 2 18.181.106.145 16509 (AMAZON-02)
1 13.78.59.237 8075 (MICROSOFT...)
1 52.9.92.170 16509 (AMAZON-02)
1 52.88.143.200 16509 (AMAZON-02)
1 52.78.12.132 16509 (AMAZON-02)
1 1 3.228.133.61 14618 (AMAZON-AES)
2 2 2406:da18:5ca... 16509 (AMAZON-02)
1 1 103.229.206.241 30419 (MEDIAMATH...)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 8.39.36.142 26667 (RUBICONPR...)
2 2 151.101.194.49 54113 (FASTLY)
1 18.181.17.147 16509 (AMAZON-02)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 50.116.239.150 6336 (TURN-US-ASN)
2 2 103.43.90.54 29990 (ASN-APPNEX)
1 99.83.181.31 ()
97 47
Apex Domain
Subdomains
Transfer
15 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
24 KB
10 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 669
1 MB
10 lif.co.id
au.lif.co.id
119 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
185 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
3 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
6 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 512
i6.liadm.com — Cisco Umbrella Rank: 1514
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 21950
data-beacons.s-onetag.com — Cisco Umbrella Rank: 12287
connect-metrics-collector.s-onetag.com
14 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
2 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 80
apis.google.com — Cisco Umbrella Rank: 140
www.google.com — Cisco Umbrella Rank: 13
73 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
syndication.twitter.com — Cisco Umbrella Rank: 844
133 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14202
t.dtscout.com — Cisco Umbrella Rank: 11585
10 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
615 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
941 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
672 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
919 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
586 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
896 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23037
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14234
s4.histats.com — Cisco Umbrella Rank: 12293
5 KB
1 amgdgt.com
d4074332597254059878-t8715299750138243503.id.amgdgt.com
395 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 880
558 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
414 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 689
214 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
647 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
622 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1557
422 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
338 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 2988
232 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 9279
328 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2030
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 4004
433 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 10474
356 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 24712
575 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
602 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 12939
407 B
1 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 41946
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
642 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 clickagy.com Failed
aorta.clickagy.com — Cisco Umbrella Rank: 2420 Failed
97 48
Domain Requested by
10 i.pinimg.com 162.55.38.158
10 au.lif.co.id 162.55.38.158
au.lif.co.id
8 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
6 pagead2.googlesyndication.com 162.55.38.158
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 i.liadm.com 4 redirects
4 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
4 pixel.onaudience.com 4 redirects
4 ap.lijit.com 2 redirects 162.55.38.158
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 match.adsrvr.org 2 redirects bcp.crwdcntrl.net
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dpm.demdex.net 2 redirects
2 pixel.tapad.com 2 redirects
2 p.adsymptotic.com 2 redirects
2 x.bidswitch.net 1 redirects
2 ce.lijit.com
2 cm.g.doubleclick.net 1 redirects bcp.crwdcntrl.net
2 loada.exelator.com 2 redirects
2 tags.bluekai.com bcp.crwdcntrl.net
2 platform.twitter.com au.lif.co.id
platform.twitter.com
2 apis.google.com au.lif.co.id
apis.google.com
2 connect.facebook.net au.lif.co.id
connect.facebook.net
2 t.dtscout.com e.dtscout.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 d4074332597254059878-t8715299750138243503.id.amgdgt.com 1 redirects
1 d.turn.com 1 redirects
1 aa.agkn.com bcp.crwdcntrl.net
1 token.rubiconproject.com bcp.crwdcntrl.net
1 sync.mathtag.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ml314.com bcp.crwdcntrl.net
1 beacon.krxd.net bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 a.dtssrv.com e.dtscout.com
1 www.google.com tpc.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 i6.liadm.com
1 um.simpli.fi 1 redirects
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 t.dtscdn.com e.dtscout.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.jp pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 s10.histats.com 162.55.38.158
1 fonts.googleapis.com 162.55.38.158
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
0 aorta.clickagy.com Failed bcp.crwdcntrl.net
97 64

This site contains links to these domains.

Domain
au.lif.co.id
Subject | Issuer | Validity | Valid
au.lif.co.id | R3 | 2022-01-16 - 2022-04-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.pinimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-08 - 2022-07-09 | a year
histats.com | R3 | 2021-10-27 - 2022-01-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.google.co.jp | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.dtscout.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-28 - 2022-11-27 | a year
*.s-onetag.com | Amazon | 2022-01-04 - 2023-02-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-26 - 2022-01-24 | 3 months
*.apis.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2021-04-29 - 2022-05-31 | a year
*.dtscdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-11-04 - 2022-12-04 | a year
odc-pixel-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-11-24 - 2022-04-26 | 5 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-24 - 2022-02-22 | a year
www.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-01 - 2022-07-31 | a year
*.rqtrk.eu | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-06-18 - 2022-06-18 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
*.userreport.com | Amazon | 2021-02-18 - 2022-03-19 | a year
*.truoptik.com | Entrust Certification Authority - L1K | 2021-10-22 - 2022-10-22 | a year
*.cintnetworks.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-04 - 2022-11-04 | a year
sharethis.com | Amazon | 2021-07-19 - 2022-08-17 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-03 - 2022-11-02 | a year
*.ml314.com | Amazon | 2021-12-18 - 2023-01-16 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year
*.agkn.com | RapidSSL RSA CA 2018 | 2020-07-25 - 2022-09-18 | 2 years

This page contains 11 frames:

Primary Page: https://162.55.38.158/
Frame ID: 5ABD2DE9C7E79EE42207FC721BD60A65
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 51FF53E6AF1920A01072EA1C8837D240
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750191&bpp=6&bdt=2892&idt=169&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&correlator=6776621832809&frm=20&pv=2&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=kGH36NjUnM&p=https%3A//162.55.38.158&dtd=197
Frame ID: A52211CEFCE2DC31BC5626CAF8FB7BFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750197&bpp=1&bdt=2899&idt=205&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5qbVk2XN8d&p=https%3A//162.55.38.158&dtd=208
Frame ID: 668F62B4FD728ABAD4EE86FDED30A6F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1642401750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F162.55.38.158%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750429&bpp=1&bdt=3130&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Frame ID: 777BAA7E7B146C31A721A388BBEE5AD7
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301642401751EF9C6538F4C5E2B708
Frame ID: 347FDBC51847A984B16EFA81924BE646
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2F162.55.38.158
Frame ID: 6F55350FA86A9A6E49E0319895109774
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB768968B9EB489192FB1073E1536849
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2BB146A8C600C912BE18288B2FB0522
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: C3307FECCAE85F4A2094EE3B374DFE4C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: 432BDE770BFEB8F9A4471141946FB3E0
Requests: 24 HTTP requests in this frame

Page Title

au.lif.co.id | Get today's headlines and news

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

97 Requests
78 % HTTPS
28 % IPv6
48 Domains
64 Subdomains
47 IPs
11 Countries
1809 kB Transfer
3154 kB Size
64 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 43
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 51
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301642401751EF9C6538F4C5E2B708 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=d58ce8d8-d407-430f-881f-a5dc9e7df5a4&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c6c51e07cb0e26746a591e19a6063b1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=571f689c8a9be2906f062995f92d78f2 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ee2b7528189e4944 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332
Request Chain 57
  • https://um.simpli.fi/lj_match?r=76619 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6
Request Chain 58
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c HTTP 303
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c&_li_chk=true&previous_uuid=b93620508ae943fa98d89cefbebaef8b HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Request Chain 59
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60 HTTP 303
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60&_li_chk=true&previous_uuid=4b9311ece5534cf3af29171a6dc24e43 HTTP 303
  • https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60
Request Chain 60
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=96506 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=96506&_expected_cookie=587661effb67613db1149e96b055c81c HTTP 302
  • https://ce.lijit.com/merge?pid=5014&3pid=587661effb67613db1149e96b055c81c
Request Chain 72
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe
Request Chain 74
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80029873466841670373130031826626971547
Request Chain 78
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=571f689c8a9be2906f062995f92d78f2 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 HTTP 302
  • https://stags.bluekai.com/site/51557?id=c:ac4520dfb4b0acf0e1e5e0620876b0c4&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=122&cm=$_BK_UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:ac4520dfb4b0acf0e1e5e0620876b0c4&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1642401755&ip=31.204.145.171&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D164550204034000877295 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=164550204034000877295 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:ac4520dfb4b0acf0e1e5e0620876b0c4/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=571f689c8a9be2906f062995f92d78f2 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1
Request Chain 81
  • https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171
Request Chain 82
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078
Request Chain 83
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=a1e461e5-0fd9-4300-9b6e-d779120608dc
Request Chain 84
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50
Request Chain 86
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YeUP2QAGOsvsywAm HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm
Request Chain 90
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/571f689c8a9be2906f062995f92d78f2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://d4074332597254059878-t8715299750138243503.id.amgdgt.com/r/telco/tuid/8715299750138243503/duid/4074332597254059878/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3D8715299750138243503 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8715299750138243503
Request Chain 91
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=271606811%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D271606811%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/tp=ANXS

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
162.55.38.158/
28 KB
7 KB
Document
General
Full URL
https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
faefcb02e812eef2b8df207c9359297415ba4258fe4cb9d2002de21598cf9de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Mon, 17 Jan 2022 06:42:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-encoding
gzip
g44l3.css
au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/
78 KB
13 KB
Stylesheet
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/g44l3.css
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
4e431b97308b9410e643f34760001835b987e8ceff7a8c4e96b1e2915f1b0a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:28 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:53 GMT
server
nginx
etag
W/"6144b86d-139e3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:28 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 06:42:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 06:42:27 GMT
g44l3.css
au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/
179 KB
38 KB
Stylesheet
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/g44l3.css
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
8cafaaa832d1a44fcd5bc9ef333879f4bd0c65b26908da587e38bedb7058aea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:28 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:53 GMT
server
nginx
etag
W/"6144b86d-2cdf0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:28 GMT
g44l4.js
au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/
117 KB
46 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/g44l4.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
791c8cb7086c4f68eba4d5c772fe7223b51fc9d927c57da9082a7fe32d9aba5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:28 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:54 GMT
server
nginx
etag
W/"6144b86e-1d5a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e3d83ed962fa4155e1f6e687d049d92068fe023ef6b733184438d3f50d80129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51974
x-xss-protection
0
server
cafe
etag
11442925297428916984
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:30 GMT
aa3c3a5453d531faab26ee3bee55094c.jpg
i.pinimg.com/originals/aa/3c/3a/
201 KB
201 KB
Image
General
Full URL
https://i.pinimg.com/originals/aa/3c/3a/aa3c3a5453d531faab26ee3bee55094c.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5232670299a2372dd70a4abd1c4bac640d200d34460cd46f138b5afed1d0f7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"6f30611f0837b2e5356fd43767f069b7"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401749998
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2780f5-NRT
content-length
205870
origin-latency
199
server
cloudflare
de00fd06aaa44f61968ef495244445ed.jpg
i.pinimg.com/originals/de/00/fd/
72 KB
72 KB
Image
General
Full URL
https://i.pinimg.com/originals/de/00/fd/de00fd06aaa44f61968ef495244445ed.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8b8cfaa2d33ee025e06b28e0f74a387446d420161e0b17315ceb4bdaef79f2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"f3d547203a05fa6bea93552aad86bd8b"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401749996
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2980f5-NRT
content-length
73680
origin-latency
189
server
cloudflare
3705570f85fdf16f7d14bc29f9b23eae.jpg
i.pinimg.com/originals/37/05/57/
99 KB
99 KB
Image
General
Full URL
https://i.pinimg.com/originals/37/05/57/3705570f85fdf16f7d14bc29f9b23eae.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936e06681b89a3b9aae1a8ec8bdf62e197e5a01fb1c962dff547455495d0eefe

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"abf22d76815a5df0465268091ce47cfd"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401750003
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2e80f5-NRT
content-length
101192
origin-latency
194
server
cloudflare
1eee46774cc7f3690d4dfa2a51ac1599.jpg
i.pinimg.com/originals/1e/ee/46/
155 KB
155 KB
Image
General
Full URL
https://i.pinimg.com/originals/1e/ee/46/1eee46774cc7f3690d4dfa2a51ac1599.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af4680a9dd588d9c5e4a30598d79a58ef9ecbc08a163d6e6bfa24f14e6c522e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"c8f4c6d0e9565d1d8ed1e73afc72819e"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401749997
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2a80f5-NRT
content-length
158587
origin-latency
203
server
cloudflare
8b14222cedf294752d61f4e2c4fc996a.jpg
i.pinimg.com/originals/8b/14/22/
244 KB
244 KB
Image
General
Full URL
https://i.pinimg.com/originals/8b/14/22/8b14222cedf294752d61f4e2c4fc996a.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885433a1ede80712f74671694bc53a428403f1dcc13e25d9a1ebe44931f9c3ab

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"6a8a2ee91494cb860bab7fa0863163ff"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401750000
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2b80f5-NRT
content-length
249552
origin-latency
199
server
cloudflare
c635c1aeba6159d909b86d2e10cfced1.jpg
i.pinimg.com/originals/c6/35/c1/
140 KB
141 KB
Image
General
Full URL
https://i.pinimg.com/originals/c6/35/c1/c635c1aeba6159d909b86d2e10cfced1.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a46535117eafe2df691eaca1b4625026736433b7ed1079a79aba9b755e41db2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"081d6ac94d3798ba364825bb6c53ef1f"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401750001
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2d80f5-NRT
content-length
143668
origin-latency
197
server
cloudflare
03f949f209ffb7ba6142fba74d372e8e.jpg
i.pinimg.com/originals/03/f9/49/
105 KB
105 KB
Image
General
Full URL
https://i.pinimg.com/originals/03/f9/49/03f949f209ffb7ba6142fba74d372e8e.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6dfc139242c02667a86696f5ffc45a35d2f0c9f55890e2ea06c20679ccaca7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"fd0b6cf5664c5a370f7fa071b671d235"
x-cdn
cloudflare
edge-start
1642401749997
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f1f80f5-NRT
content-length
107694
origin-latency
192
server
cloudflare
b9fbe3084c470ab823729e64205e2171.jpg
i.pinimg.com/originals/b9/fb/e3/
18 KB
18 KB
Image
General
Full URL
https://i.pinimg.com/originals/b9/fb/e3/b9fbe3084c470ab823729e64205e2171.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1760320459ed7fb62c0ad79c080dc84ef7d23f8396cdff2a51d9d34db6e9cc

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"be93770e538cb8890f4e1efc0a5c1a29"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401750002
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2480f5-NRT
content-length
18726
origin-latency
188
server
cloudflare
9d07dc2778bc87d2a4b77f61a4224d20.jpg
i.pinimg.com/736x/9d/07/dc/
33 KB
34 KB
Image
General
Full URL
https://i.pinimg.com/736x/9d/07/dc/9d07dc2778bc87d2a4b77f61a4224d20.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320421b843e36e6f3fc32b30e09d27e3cbc409acf6c9ae97df1efb791fa8ed10

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"4ecce5066d318c4ddc8ed94b5f380995"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401749995
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2580f5-NRT
content-length
34015
origin-latency
187
server
cloudflare
a1f1bc8fa46e365d0d63c45d32632e2d.jpg
i.pinimg.com/474x/a1/f1/bc/
25 KB
25 KB
Image
General
Full URL
https://i.pinimg.com/474x/a1/f1/bc/a1f1bc8fa46e365d0d63c45d32632e2d.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cfa05f3e97ea532f92baaf54026389ac88864d2839e98dcd03d6735e196d360

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
etag
"5280617e9bec59813d3a1a4c64e6264b"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
1642401749999
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ced9a997f2280f5-NRT
content-length
25506
origin-latency
195
server
cloudflare
zb.js
au.lif.co.id/wp-content/plugins/zerobounce/res/js/
238 B
451 B
Script
General
Full URL
https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
48278256ddcfe26a0ff820c23771028804c3eb712e6329f939993f8b505648d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:29 GMT
last-modified
Mon, 08 Feb 2021 18:15:50 GMT
server
nginx
etag
"60217fd6-ee"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
238
expires
Mon, 17 Jan 2022 18:42:29 GMT
jsscript.min.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
45 KB
14 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/jsscript.min.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
c59450d753faa88015a67dcbe38fc265d60f1c220086bc2fddb6572bd4aa111c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-b3f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:30 GMT
rating.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
1 KB
839 B
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/rating.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
2636d17b8f17ecca666a78942cf022a5301d69c514abbdd242e01e4390d8287d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:30 GMT
custom.main.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
2 KB
1 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0276c1ed6244ebd50f0467edb6836ab0673002c37374929442f7b94548f9c90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-747"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:30 GMT
wp-embed.min.js
au.lif.co.id/wp-includes/js/
1 KB
1002 B
Script
General
Full URL
https://au.lif.co.id/wp-includes/js/wp-embed.min.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 23:09:31 GMT
server
nginx
etag
W/"60a6ec2b-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:30 GMT
image.js
au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/
2 KB
893 B
Script
General
Full URL
https://au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:13:10 GMT
server
nginx
etag
W/"6144b086-8df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 18:42:30 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:39:16 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
462848817
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://162.55.38.158
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 04:09:08 GMT
x-content-type-options
nosniff
age
441201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 04:09:08 GMT
fontawesome-webfont.woff
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/
0
0

admin-ajax.php
au.lif.co.id/wp-admin/
7 KB
3 KB
Script
General
Full URL
https://au.lif.co.id/wp-admin/admin-ajax.php?action=zbjs&task=getjs&md5=cb27f3b10a6114b9b8c84722545b75c8
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
85644de7b8a129b7eb64cc67de5e4a44507b969b9b8df4554344f531f6ab108e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:32 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=31536000
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/
279 KB
100 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84e8836e127269db6e1a536ce861af45998f1c41086eedad887dc869cfbc9b03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102649
x-xss-protection
0
server
cafe
etag
11522246487682344354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 51FF
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Sun, 16 Jan 2022 07:11:22 GMT
expires
Sun, 30 Jan 2022 07:11:22 GMT
cache-control
public, max-age=1209600
age
84668
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
213 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=162.55.38.158&callback=_gfp_s_&client=ca-pub-2549139592322417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e4aa9a3afe0ffbe2e511710c6a6aef442bcb77ee654b4c0a26be2e3c0012fc88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A522
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750191&bpp=6&bdt=2892&idt=169&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&correlator=6776621832809&frm=20&pv=2&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=kGH36NjUnM&p=https%3A//162.55.38.158&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Jan 2022 06:42:30 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 668F
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750197&bpp=1&bdt=2899&idt=205&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5qbVk2XN8d&p=https%3A//162.55.38.158&dtd=208
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Jan 2022 06:42:30 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 777B
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1642401750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F162.55.38.158%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750429&bpp=1&bdt=3130&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 17 Jan 2022 06:42:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Jan 2022 06:42:30 GMT
cache-control
private
0.php
s4.histats.com/stats/
378 B
513 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642401750503&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-134348521&@b3:1642401751&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
97879368668220869e85eed705c00152a69fb2f971eca7639bdb937ce1e0cdd2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:30 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
fontawesome-webfont.ttf
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/
0
0

/
e.dtscout.com/e/
8 KB
8 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642401750503&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-134348521&@b3:1642401751&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2e740c29d4d0ab6adb705e4e057d21738d154185692ab87efccaa03ecf17cd5c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:31 GMT
X-T
0.611
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl3
Expires
Mon, 17 Jan 2022 06:42:30 GMT
/
t.dtscout.com/idg/ Frame 347F
1 KB
756 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=4C301642401751EF9C6538F4C5E2B708
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
18dc466ce0ec855555c2346a7d7670dc81b20d1801742e1625dbd123d663eac3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 17 Jan 2022 06:42:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Mon, 17 Jan 2022 06:42:31 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.174.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-174-126.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
23290
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e0932ee9165a87507af20178961672a8.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 17 Jan 2022 00:14:21 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
eYk7-LWWKVmIfTsY7nR0tNA0idtxrg_z39iUfHPrGFj62MT5-8JJvg==
/
t.dtscout.com/pv/
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=162.55.38.158&_ss=5smue73sik&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=4ros&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3163187.ip-51-89-99.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
25e2630ca612862bbb88c95a233eaf44527a003918939838b86ec17baf60b5f1

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
X-T
0.151
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Mon, 17 Jan 2022 06:42:31 GMT
/
onetag-geo.s-onetag.com/
535 B
951 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.210.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-210-128.nrt57.r.cloudfront.net
Software
/
Resource Hash
e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:32:36 GMT
via
1.1 ca1bfbfd9295e7865d816048e88d6b34.cloudfront.net (CloudFront), 1.1 64618c6fa2df73b8c6d133461d99921a.cloudfront.net (CloudFront)
age
25795
x-amzn-requestid
d208f14c-510c-485b-bd89-11e54cfbf2ae
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
NRT57-C3, NRT57-C2
x-amz-apigw-id
MD-rLHvDCYcFzlQ=
content-length
535
x-amz-cf-id
wEAj8Nmj8uDXNvtaC-WOslhl0_IIwdpc9-uyT8WcVEH-NZroLzISdA==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
837 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.174.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-174-15.nrt57.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:32:36 GMT
content-encoding
gzip
server
restify
age
25796
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://162.55.38.158
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
edvCSOfgV-crxpNX1WsfHmq8fDKDuBo3PA7d9spjQydcyLPDqMtZjA==
via
1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
dataBeacons.min.js
data-beacons.s-onetag.com/
6 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.9.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-9-79.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:31:37 GMT
server
AmazonS3
age
4019
etag
W/"5ff42869b876a4eddafd981cab0b8818"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 17 Jan 2022 05:46:12 GMT
x-amz-cf-pop
NRT57-C1
x-amz-cf-id
TXdtiXwVyXnXpyPYyrurr0UkPP4euoocOEDKhAsV4f_wuspeQQz3bw==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
461 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
dd174a053ba0b1d891c79b0128fb1319d3392eca79e328e51f98b1a345c98728

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
461 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
ae9dbd66b043c2ee80d51f404e14a46bdaaeb1226b9279cd95cb40057f11b7a8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f9d1e4907d525cef1b00e516678546f1b0d3671cbe88a398e3ffa4f98d911d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 06:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8640
x-xss-protection
0
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f11f07221b78ab7a615b435d83b839a82df475d92e914a2ffa23ada386b7787b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AXiD62mYHWPfToBb7FhzzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 17 Jan 2022 06:45:21 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1683
x-fb-rlafr
0
x-fb-debug
gkyyYuZw21eEXCUUabAQJvaqV+GEfJDSsZnyWzOHRUAxAwrq4rHtHmukTS5GhUKd66KIstWJRib+/vEqXp9Awg==
x-fb-trip-id
1679558926
x-fb-content-md5
5285c4ec0df31e5739dcfd640d547c54
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 17 Jan 2022 06:42:32 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a7732cf87400ac1142e24cd47a64ca3f"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
plusone.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sSyCWuGZxlEuOaeM15XqZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"c9f5a685272db812846def3c0d393045"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-sSyCWuGZxlEuOaeM15XqZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 17 Jan 2022 06:42:32 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/75BF) /
Resource Hash
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:08:29 GMT
Server
ECS (itm/75BF)
Age
754
Etag
"b607db789ce85f01d2c97329a89acfde+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29153
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
43 KB
14 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.128.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-128-72.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 18:06:22 GMT
content-encoding
gzip
etag
W/"e8e52baa0cf6ccb764f317323674bacd"
last-modified
Mon, 10 Jan 2022 15:33:32 GMT
server
AmazonS3
age
108555
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b34fbbb86a3a9401c6bffb8bf0be4216.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
95K_RRetr3FpKGWu3o5c0TnGhRs4uayp6C0CmVgfXu-Yo95XLfG-QA==
/
t.dtscdn.com/widget/
0
407 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=4C301642401751EF9C6538F4C5E2B708&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F162.55.38.158%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:25:55 GMT
X-T
1.03
x-server
web16.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Mon, 17 Jan 2022 06:25:54 GMT
27675
tags.bluekai.com/site/
62 B
424 B
Image
General
Full URL
https://tags.bluekai.com/site/27675?id=4C301642401751EF9C6538F4C5E2B708&ret=html&phint=__bk_t%3Dau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&phint=__bk_l%3Dhttps%3A%2F%2F162.55.38.158%2F&r=8630960
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.5.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-5-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:32 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
729
Expires
Thu, 01 Dec 1994 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301642401751EF9C6538F4C5E2B708
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=d58ce8d8-d407-430f-881f-a5dc9e7df5a4&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c6c51e07cb0e26746a591e19a6063b1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=571f689c8a9be2906f062995f92d78f2
  • https://spl.zeotap.com/?zdid=1332&zcluid=ee2b7528189e4944
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://162.55.38.158
access-control-allow-credentials
true
cf-ray
6ced9ab55f6d8a86-NRT
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.128.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-128-72.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://162.55.38.158/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jan 2022 23:32:40 GMT
content-encoding
gzip
age
25793
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 15:33:32 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 772492c3188ef0c45c305606d3205346.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
T8tpvVZ9CYitih2c0ippvaABxscRc-KeaNrZRsC0pivivFUswkrDvA==
data
bcp.crwdcntrl.net/6/
583 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.230.137 Singapore, Singapore, ASN16509 (AMAZON-02, US)
Reverse DNS
ec2-52-220-230-137.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d6a872ce1c1f25d7a2b14204a62fce0f6782de268dccebc15d7d3a70c3099c07

Request headers

Referer
https://162.55.38.158/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 06:42:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://162.55.38.158
cache-control
no-cache
x-server
10.42.19.230
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
583
expires
0
widget_iframe.e37c957bd3ae00473b95800b99e19cff.html
platform.twitter.com/widgets/ Frame 6F55
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2F162.55.38.158
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df, United States, ASN15133 (EDGECAST, US)
Reverse DNS
Software
ECS (itm/75BF) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
380433
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Jan 2022 06:42:32 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Tue, 11 Jan 2022 20:06:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/75BF)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2001, Australia, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 06:42:32 GMT
all.js
connect.facebook.net/en_US/
285 KB
80 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=f9fea763dc8e8d86fda4cab5bede2f5c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
5a2d5b37ff35f5a4102174c092cdd4c75fc35439c54b480a5cd88b22f3b91ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://162.55.38.158/
Origin
https://162.55.38.158
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OQvrX2o7cYZnYnKl/hHZjw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Jan 2023 04:07:27 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82088
x-fb-rlafr
0
x-fb-debug
NE/nNcrr/U8yGlRopzI3pPCsJmgy/ILmcNyRUGj66Kq6GJZdC6JXV54FmMHIsoU7MF0/OzXSWCDXmcfawP277A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
166a9ecb481d2c5198a76f3e49788efe
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 06:42:32 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"96b37aa3847b3aee210822700e169aa9"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=76619
  • https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6
0
460 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6
Protocol
HTTP/1.1
Server
209.191.163.209, United States, ASN14744 (INTERNAP-BLOCK-4, US)
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jan 2022 06:42:33 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 17 Jan 2022 06:42:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 16 Jan 2022 06:42:32 GMT
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c&_li_chk=true&previous_uuid=b93620508ae943fa98d89cefbebaef8b
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US)
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 17 Jan 2022 06:42:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date
Mon, 17 Jan 2022 06:42:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
59074
i6.liadm.com/