162.55.38.158 Open in urlscan Pro
162.55.38.158  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 43

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 51

• https://pixel.onaudience.com/?partner=137085098&mapped=4C301642401751EF9C6538F4C5E2B708 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=d58ce8d8-d407-430f-881f-a5dc9e7df5a4&icm HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
• https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c6c51e07cb0e26746a591e19a6063b1 HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=571f689c8a9be2906f062995f92d78f2 HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=ee2b7528189e4944 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332 HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332

Request Chain 57

• https://um.simpli.fi/lj_match?r=76619 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6

Request Chain 58

• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c HTTP 303
• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c&_li_chk=true&previous_uuid=b93620508ae943fa98d89cefbebaef8b HTTP 303
• https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 59

• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60 HTTP 303
• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60&_li_chk=true&previous_uuid=4b9311ece5534cf3af29171a6dc24e43 HTTP 303
• https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60

Request Chain 60

• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=96506 HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=96506&_expected_cookie=587661effb67613db1149e96b055c81c HTTP 302
• https://ce.lijit.com/merge?pid=5014&3pid=587661effb67613db1149e96b055c81c

Request Chain 72

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe

Request Chain 74

• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80029873466841670373130031826626971547

Request Chain 78

• https://aorta.clickagy.com/pixel.gif?ch=120&cm=571f689c8a9be2906f062995f92d78f2 HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
• https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 HTTP 302
• https://stags.bluekai.com/site/51557?id=c:ac4520dfb4b0acf0e1e5e0620876b0c4&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1 HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=122&cm=$_BK_UUID HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:ac4520dfb4b0acf0e1e5e0620876b0c4&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
• https://d.agkn.com/pixel/10751/?che=1642401755&ip=31.204.145.171&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D164550204034000877295 HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=164550204034000877295 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
• https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 HTTP 302
• https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:ac4520dfb4b0acf0e1e5e0620876b0c4/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=571f689c8a9be2906f062995f92d78f2 HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA HTTP 302
• https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1

Request Chain 81

• https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
• https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171

Request Chain 82

• https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
• https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
• https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078

Request Chain 83

• https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=a1e461e5-0fd9-4300-9b6e-d779120608dc

Request Chain 84

• https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50

Request Chain 86

• https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YeUP2QAGOsvsywAm HTTP 302
• https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm

Request Chain 90

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/571f689c8a9be2906f062995f92d78f2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
• https://d4074332597254059878-t8715299750138243503.id.amgdgt.com/r/telco/tuid/8715299750138243503/duid/4074332597254059878/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3D8715299750138243503 HTTP 302
• https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8715299750138243503

Request Chain 91

• https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=271606811%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D271606811%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
• https://sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/tp=ANXS

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 162.55.38.158/	28 KB 7 KB	1966ms 1216ms	Document text/html	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash faefcb02e812eef2b8df207c9359297415ba4258fe4cb9d2002de21598cf9de7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers server nginx date Mon, 17 Jan 2022 06:42:26 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000 content-encoding gzip
GET H2	200	g44l3.css au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/	78 KB 13 KB	1084ms 251ms	Stylesheet text/css	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/g44l3.css Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 4e431b97308b9410e643f34760001835b987e8ceff7a8c4e96b1e2915f1b0a03 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:28 GMT content-encoding gzip last-modified Fri, 17 Sep 2021 15:46:53 GMT server nginx etag W/"6144b86d-139e3" vary Accept-Encoding content-type text/css cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:28 GMT
GET H2	200	css fonts.googleapis.com/	26 KB 2 KB	80ms 41ms	Stylesheet text/css	2404:6800:4004:822::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0 Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 17 Jan 2022 06:42:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 17 Jan 2022 06:42:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 17 Jan 2022 06:42:27 GMT
GET H2	200	g44l3.css au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/	179 KB 38 KB	1586ms 753ms	Stylesheet text/css	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/g44l3.css Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 8cafaaa832d1a44fcd5bc9ef333879f4bd0c65b26908da587e38bedb7058aea4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:28 GMT content-encoding gzip last-modified Fri, 17 Sep 2021 15:46:53 GMT server nginx etag W/"6144b86d-2cdf0" vary Accept-Encoding content-type text/css cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:28 GMT
GET H2	200	g44l4.js Show response au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/	117 KB 46 KB	1883ms 1050ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/g44l4.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 791c8cb7086c4f68eba4d5c772fe7223b51fc9d927c57da9082a7fe32d9aba5a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:28 GMT content-encoding gzip last-modified Fri, 17 Sep 2021 15:46:54 GMT server nginx etag W/"6144b86e-1d5a2" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:28 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 51 KB	224ms 147ms	Script text/javascript	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e3d83ed962fa4155e1f6e687d049d92068fe023ef6b733184438d3f50d80129 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51974 x-xss-protection 0 server cafe etag 11442925297428916984 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 17 Jan 2022 06:42:30 GMT
GET H2	200	aa3c3a5453d531faab26ee3bee55094c.jpg i.pinimg.com/originals/aa/3c/3a/	201 KB 201 KB	257ms 212ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/aa/3c/3a/aa3c3a5453d531faab26ee3bee55094c.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe5232670299a2372dd70a4abd1c4bac640d200d34460cd46f138b5afed1d0f7 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "6f30611f0837b2e5356fd43767f069b7" cf-bgj h2pri x-cdn cloudflare edge-start 1642401749998 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2780f5-NRT content-length 205870 origin-latency 199 server cloudflare
GET H2	200	de00fd06aaa44f61968ef495244445ed.jpg i.pinimg.com/originals/de/00/fd/	72 KB 72 KB	243ms 198ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/de/00/fd/de00fd06aaa44f61968ef495244445ed.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a8b8cfaa2d33ee025e06b28e0f74a387446d420161e0b17315ceb4bdaef79f2 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "f3d547203a05fa6bea93552aad86bd8b" cf-bgj h2pri x-cdn cloudflare edge-start 1642401749996 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2980f5-NRT content-length 73680 origin-latency 189 server cloudflare
GET H2	200	3705570f85fdf16f7d14bc29f9b23eae.jpg i.pinimg.com/originals/37/05/57/	99 KB 99 KB	257ms 212ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/37/05/57/3705570f85fdf16f7d14bc29f9b23eae.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 936e06681b89a3b9aae1a8ec8bdf62e197e5a01fb1c962dff547455495d0eefe Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "abf22d76815a5df0465268091ce47cfd" cf-bgj h2pri x-cdn cloudflare edge-start 1642401750003 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2e80f5-NRT content-length 101192 origin-latency 194 server cloudflare
GET H2	200	1eee46774cc7f3690d4dfa2a51ac1599.jpg i.pinimg.com/originals/1e/ee/46/	155 KB 155 KB	263ms 218ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/1e/ee/46/1eee46774cc7f3690d4dfa2a51ac1599.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9af4680a9dd588d9c5e4a30598d79a58ef9ecbc08a163d6e6bfa24f14e6c522e Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "c8f4c6d0e9565d1d8ed1e73afc72819e" cf-bgj h2pri x-cdn cloudflare edge-start 1642401749997 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2a80f5-NRT content-length 158587 origin-latency 203 server cloudflare
GET H2	200	8b14222cedf294752d61f4e2c4fc996a.jpg i.pinimg.com/originals/8b/14/22/	244 KB 244 KB	260ms 216ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/8b/14/22/8b14222cedf294752d61f4e2c4fc996a.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 885433a1ede80712f74671694bc53a428403f1dcc13e25d9a1ebe44931f9c3ab Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "6a8a2ee91494cb860bab7fa0863163ff" cf-bgj h2pri x-cdn cloudflare edge-start 1642401750000 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2b80f5-NRT content-length 249552 origin-latency 199 server cloudflare
GET H2	200	c635c1aeba6159d909b86d2e10cfced1.jpg i.pinimg.com/originals/c6/35/c1/	140 KB 141 KB	259ms 215ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/c6/35/c1/c635c1aeba6159d909b86d2e10cfced1.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a46535117eafe2df691eaca1b4625026736433b7ed1079a79aba9b755e41db2 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "081d6ac94d3798ba364825bb6c53ef1f" cf-bgj h2pri x-cdn cloudflare edge-start 1642401750001 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2d80f5-NRT content-length 143668 origin-latency 197 server cloudflare
GET H2	200	03f949f209ffb7ba6142fba74d372e8e.jpg i.pinimg.com/originals/03/f9/49/	105 KB 105 KB	220ms 203ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/03/f9/49/03f949f209ffb7ba6142fba74d372e8e.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd6dfc139242c02667a86696f5ffc45a35d2f0c9f55890e2ea06c20679ccaca7 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "fd0b6cf5664c5a370f7fa071b671d235" x-cdn cloudflare edge-start 1642401749997 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f1f80f5-NRT content-length 107694 origin-latency 192 server cloudflare
GET H2	200	b9fbe3084c470ab823729e64205e2171.jpg i.pinimg.com/originals/b9/fb/e3/	18 KB 18 KB	224ms 207ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/b9/fb/e3/b9fbe3084c470ab823729e64205e2171.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d1760320459ed7fb62c0ad79c080dc84ef7d23f8396cdff2a51d9d34db6e9cc Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "be93770e538cb8890f4e1efc0a5c1a29" cf-bgj h2pri x-cdn cloudflare edge-start 1642401750002 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2480f5-NRT content-length 18726 origin-latency 188 server cloudflare
GET H2	200	9d07dc2778bc87d2a4b77f61a4224d20.jpg i.pinimg.com/736x/9d/07/dc/	33 KB 34 KB	212ms 195ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/736x/9d/07/dc/9d07dc2778bc87d2a4b77f61a4224d20.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 320421b843e36e6f3fc32b30e09d27e3cbc409acf6c9ae97df1efb791fa8ed10 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "4ecce5066d318c4ddc8ed94b5f380995" cf-bgj h2pri x-cdn cloudflare edge-start 1642401749995 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2580f5-NRT content-length 34015 origin-latency 187 server cloudflare
GET H2	200	a1f1bc8fa46e365d0d63c45d32632e2d.jpg i.pinimg.com/474x/a1/f1/bc/	25 KB 25 KB	227ms 210ms	Image image/jpeg	2606:4700::6812:fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/474x/a1/f1/bc/a1f1bc8fa46e365d0d63c45d32632e2d.jpg Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cfa05f3e97ea532f92baaf54026389ac88864d2839e98dcd03d6735e196d360 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT etag "5280617e9bec59813d3a1a4c64e6264b" cf-bgj h2pri x-cdn cloudflare edge-start 1642401749999 vary Origin, Accept-Encoding content-type image/jpeg cache-control max-age=31536000, immutable accept-ranges bytes cf-ray 6ced9a997f2280f5-NRT content-length 25506 origin-latency 195 server cloudflare
GET H2	200	zb.js Show response au.lif.co.id/wp-content/plugins/zerobounce/res/js/	238 B 451 B	706ms 706ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 48278256ddcfe26a0ff820c23771028804c3eb712e6329f939993f8b505648d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:29 GMT last-modified Mon, 08 Feb 2021 18:15:50 GMT server nginx etag "60217fd6-ee" strict-transport-security max-age=31536000 content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 238 expires Mon, 17 Jan 2022 18:42:29 GMT
GET H2	200	jsscript.min.js Show response au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/	45 KB 14 KB	513ms 513ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/jsscript.min.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash c59450d753faa88015a67dcbe38fc265d60f1c220086bc2fddb6572bd4aa111c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip last-modified Fri, 18 Dec 2020 22:24:08 GMT server nginx etag W/"5fdd2c08-b3f6" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:30 GMT
GET H2	200	rating.js Show response au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/	1 KB 839 B	513ms 512ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/rating.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 2636d17b8f17ecca666a78942cf022a5301d69c514abbdd242e01e4390d8287d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip last-modified Fri, 18 Dec 2020 22:24:08 GMT server nginx etag W/"5fdd2c08-456" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:30 GMT
GET H2	200	custom.main.js Show response au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/	2 KB 1 KB	477ms 474ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 0276c1ed6244ebd50f0467edb6836ab0673002c37374929442f7b94548f9c90b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip last-modified Fri, 18 Dec 2020 22:24:08 GMT server nginx etag W/"5fdd2c08-747" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:30 GMT
GET H2	200	wp-embed.min.js Show response au.lif.co.id/wp-includes/js/	1 KB 1002 B	477ms 474ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-includes/js/wp-embed.min.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip last-modified Thu, 20 May 2021 23:09:31 GMT server nginx etag W/"60a6ec2b-592" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:30 GMT
GET H2	200	image.js Show response au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/	2 KB 893 B	477ms 475ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip last-modified Fri, 17 Sep 2021 15:13:10 GMT server nginx etag W/"6144b086-8df" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 17 Jan 2022 18:42:30 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	532ms 175ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:39:16 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.122.0/26 etag "-375139978" x-cacheable Matched cache content-type text/javascript x-cdn-pop bhs accept-ranges bytes content-length 4364 x-request-id 462848817
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	45ms 2ms	Font font/woff2	2404:6800:4004:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://162.55.38.158 Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 04:09:08 GMT x-content-type-options nosniff age 441201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 12 Jan 2023 04:09:08 GMT
GET		fontawesome-webfont.woff au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/	0 0
GET H2	200	admin-ajax.php Show response au.lif.co.id/wp-admin/	7 KB 3 KB	2436ms 2436ms	Script application/javascript	162.55.38.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://au.lif.co.id/wp-admin/admin-ajax.php?action=zbjs&task=getjs&md5=cb27f3b10a6114b9b8c84722545b75c8 Requested by Host: au.lif.co.id URL: https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.38.55.162.clients.your-server.de Software nginx / Resource Hash 85644de7b8a129b7eb64cc67de5e4a44507b969b9b8df4554344f531f6ab108e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:32 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 strict-transport-security max-age=31536000 x-robots-tag noindex vary Accept-Encoding x-content-type-options nosniff expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/	279 KB 100 KB	78ms 77ms	Script text/javascript	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 84e8836e127269db6e1a536ce861af45998f1c41086eedad887dc869cfbc9b03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102649 x-xss-protection 0 server cafe etag 11522246487682344354 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 17 Jan 2022 06:42:30 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 51FF	11 KB 5 KB	50ms 7ms	Document text/html	2404:6800:4004:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4885 x-xss-protection 0 date Sun, 16 Jan 2022 07:11:22 GMT expires Sun, 30 Jan 2022 07:11:22 GMT cache-control public, max-age=1209600 age 84668 etag 13671712056976469594 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	213 B 642 B	154ms 39ms	Script text/javascript	172.217.31.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=162.55.38.158&callback=_gfp_s_&client=ca-pub-2549139592322417 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.31.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s22-in-f2.1e100.net Software cafe / Resource Hash e4aa9a3afe0ffbe2e511710c6a6aef442bcb77ee654b4c0a26be2e3c0012fc88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 197 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.co.jp/adsid/	107 B 792 B	150ms 38ms	Script application/javascript	2404:6800:4004:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.co.jp/adsid/integrator.js?domain=162.55.38.158 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	146ms 36ms	Script application/javascript	2404:6800:4004:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=162.55.38.158 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 17 Jan 2022 06:42:30 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame A522	603 B 67 B	84ms 48ms	Document text/html	2404:6800:4004:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750191&bpp=6&bdt=2892&idt=169&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&correlator=6776621832809&frm=20&pv=2&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=kGH36NjUnM&p=https%3A//162.55.38.158&dtd=197 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 17 Jan 2022 06:42:30 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 668F	603 B 67 B	69ms 47ms	Document text/html	2404:6800:4004:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642401750&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750197&bpp=1&bdt=2899&idt=205&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5qbVk2XN8d&p=https%3A//162.55.38.158&dtd=208 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 17 Jan 2022 06:42:30 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 777B	0 19 B	40ms 39ms	Document text/html	2404:6800:4004:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1642401750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F162.55.38.158%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642401750429&bpp=1&bdt=3130&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=6776621832809&frm=20&pv=1&ga_vid=570602285.1642401750&ga_sid=1642401750&ga_hid=2039130215&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064070%2C31064092%2C31063222&oid=2&pvsid=3706734211883063&pem=288&tmod=15&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 17 Jan 2022 06:42:30 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 17 Jan 2022 06:42:30 GMT cache-control private
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	378 B 513 B	533ms 176ms	Script text/html	192.99.8.28 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642401750503&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-134348521&@b3:1642401751&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.8.28 , Canada, ASN16276 (OVH, FR), Reverse DNS ns523448.ip-192-99-8.net Software / Resource Hash 97879368668220869e85eed705c00152a69fb2f971eca7639bdb937ce1e0cdd2 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:30 GMT Connection close Content-Length 378 Content-Type text/html;charset=UTF-8
GET		fontawesome-webfont.ttf au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/	0 0
GET H/1.1	200 OK	/ Show response e.dtscout.com/e/	8 KB 8 KB	720ms 357ms	Script application/javascript	51.161.15.92 OVH
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642401750503&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-134348521&@b3:1642401751&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ns570935.ip-51-161-15.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 2e740c29d4d0ab6adb705e4e057d21738d154185692ab87efccaa03ecf17cd5c Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:31 GMT X-T 0.611 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl3 Expires Mon, 17 Jan 2022 06:42:30 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 347F	1 KB 756 B	777ms 257ms	Document text/html	51.89.99.21 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=4C301642401751EF9C6538F4C5E2B708 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns3163187.ip-51-89-99.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash 18dc466ce0ec855555c2346a7d7670dc81b20d1801742e1625dbd123d663eac3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers Server nginx/1.14.0 (Ubuntu) Date Mon, 17 Jan 2022 06:42:32 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Mon, 17 Jan 2022 06:42:31 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	21ms 3ms	Script text/javascript	13.225.174.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.174.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-174-126.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY content-encoding gzip last-modified Thu, 03 Jun 2021 13:27:46 GMT server AmazonS3 age 23290 etag W/"a1c6ef0f57fd5dc66dd46feb78238adf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 e0932ee9165a87507af20178961672a8.cloudfront.net (CloudFront) cache-control max-age=86400 date Mon, 17 Jan 2022 00:14:21 GMT x-amz-cf-pop NRT57-C4 x-amz-cf-id eYk7-LWWKVmIfTsY7nR0tNA0idtxrg_z39iUfHPrGFj62MT5-8JJvg==
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 318 B	783ms 260ms	Script application/javascript	51.89.99.21 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=162.55.38.158&_ss=5smue73sik&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=4ros&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns3163187.ip-51-89-99.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash 25e2630ca612862bbb88c95a233eaf44527a003918939838b86ec17baf60b5f1 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:32 GMT X-T 0.151 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Mon, 17 Jan 2022 06:42:31 GMT
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 951 B	25ms 7ms	Fetch application/json	13.33.210.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.210.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-210-128.nrt57.r.cloudfront.net Software / Resource Hash e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 16 Jan 2022 23:32:36 GMT via 1.1 ca1bfbfd9295e7865d816048e88d6b34.cloudfront.net (CloudFront), 1.1 64618c6fa2df73b8c6d133461d99921a.cloudfront.net (CloudFront) age 25795 x-amzn-requestid d208f14c-510c-485b-bd89-11e54cfbf2ae x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop NRT57-C3, NRT57-C2 x-amz-apigw-id MD-rLHvDCYcFzlQ= content-length 535 x-amz-cf-id wEAj8Nmj8uDXNvtaC-WOslhl0_IIwdpc9-uyT8WcVEH-NZroLzISdA==
GET H2	200	EU Show response onetag-geo-grouping.s-onetag.com/regionalbloc/	1 KB 837 B	39ms 20ms	Fetch application/json	13.225.174.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.174.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-174-15.nrt57.r.cloudfront.net Software restify / Resource Hash 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 16 Jan 2022 23:32:36 GMT content-encoding gzip server restify age 25796 vary Accept-Encoding,origin x-cache Hit from cloudfront content-type application/json access-control-allow-origin https://162.55.38.158 access-control-expose-headers api-version, content-length, content-md5, content-type, date, request-id, response-time cache-control max-age=86400 x-amz-cf-pop NRT57-C4 x-amz-cf-id edvCSOfgV-crxpNX1WsfHmq8fDKDuBo3PA7d9spjQydcyLPDqMtZjA== via 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	6 KB 2 KB	108ms 4ms	Script text/javascript	13.33.9.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.9.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-9-79.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr content-encoding gzip last-modified Wed, 07 Jul 2021 16:31:37 GMT server AmazonS3 age 4019 etag W/"5ff42869b876a4eddafd981cab0b8818" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront) cache-control max-age=3600 date Mon, 17 Jan 2022 05:46:12 GMT x-amz-cf-pop NRT57-C1 x-amz-cf-id TXdtiXwVyXnXpyPYyrurr0UkPP4euoocOEDKhAsV4f_wuspeQQz3bw==
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 461 B	309ms 107ms	Fetch application/json	209.191.163.208 INTERNAP-BLOCK-4
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol HTTP/1.1 Server 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US), Reverse DNS Software / Resource Hash dd174a053ba0b1d891c79b0128fb1319d3392eca79e328e51f98b1a345c98728 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:32 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://162.55.38.158 Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap2sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Mon, 17 Jan 2022 06:42:32 GMT Access-Control-Allow-Origin https://162.55.38.158 Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap2sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 461 B	306ms 104ms	Fetch application/json	209.191.163.208 INTERNAP-BLOCK-4
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: 162.55.38.158 URL: https://162.55.38.158/ Protocol HTTP/1.1 Server 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US), Reverse DNS Software / Resource Hash ae9dbd66b043c2ee80d51f404e14a46bdaaeb1226b9279cd95cb40057f11b7a8 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:32 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://162.55.38.158 Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap2sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Mon, 17 Jan 2022 06:42:32 GMT Access-Control-Allow-Origin https://162.55.38.158 Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap2sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	83ms 47ms	XHR application/json	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4f9d1e4907d525cef1b00e516678546f1b0d3671cbe88a398e3ffa4f98d911d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 17 Jan 2022 06:42:32 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8640 x-xss-protection 0
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	140ms 44ms	Script application/x-javascript	2a03:2880:f05a:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: au.lif.co.id URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f11f07221b78ab7a615b435d83b839a82df475d92e914a2ffa23ada386b7787b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 AXiD62mYHWPfToBb7FhzzA== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Mon, 17 Jan 2022 06:45:21 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 1683 x-fb-rlafr 0 x-fb-debug gkyyYuZw21eEXCUUabAQJvaqV+GEfJDSsZnyWzOHRUAxAwrq4rHtHmukTS5GhUKd66KIstWJRib+/vEqXp9Awg== x-fb-trip-id 1679558926 x-fb-content-md5 5285c4ec0df31e5739dcfd640d547c54 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 17 Jan 2022 06:42:32 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "a7732cf87400ac1142e24cd47a64ca3f" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	plusone.js Show response apis.google.com/js/	52 KB 21 KB	506ms 395ms	Script application/javascript	2404:6800:4004:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: au.lif.co.id URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sSyCWuGZxlEuOaeM15XqZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:32 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF cross-origin-opener-policy same-origin etag "c9f5a685272db812846def3c0d393045" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-sSyCWuGZxlEuOaeM15XqZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Mon, 17 Jan 2022 06:42:32 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	96 KB 29 KB	77ms 11ms	Script application/javascript	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: au.lif.co.id URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (itm/75BF) / Resource Hash 75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:32 GMT Content-Encoding gzip Last-Modified Tue, 11 Jan 2022 20:08:29 GMT Server ECS (itm/75BF) Age 754 Etag "b607db789ce85f01d2c97329a89acfde+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=1800 X-Cache HIT Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Content-Length 29153
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	43 KB 14 KB	19ms 3ms	Script text/javascript	99.84.128.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.128.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-128-72.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 16 Jan 2022 18:06:22 GMT content-encoding gzip etag W/"e8e52baa0cf6ccb764f317323674bacd" last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 age 108555 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 b34fbbb86a3a9401c6bffb8bf0be4216.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop NRT57-C3 x-amz-cf-id 95K_RRetr3FpKGWu3o5c0TnGhRs4uayp6C0CmVgfXu-Yo95XLfG-QA==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	669ms 169ms	Script application/javascript	138.197.56.196 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=4C301642401751EF9C6538F4C5E2B708&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F162.55.38.158%2F&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:25:55 GMT X-T 1.03 x-server web16.ny1.dtscdn.com Cache-Control no-cache Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Expires Mon, 17 Jan 2022 06:25:54 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 424 B	124ms 110ms	Image image/gif	23.10.5.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=4C301642401751EF9C6538F4C5E2B708&ret=html&phint=__bk_t%3Dau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&phint=__bk_l%3Dhttps%3A%2F%2F162.55.38.158%2F&r=8630960 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.10.5.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-10-5-240.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:32 GMT P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 62 BK-Server 729 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	mw mwzeom.zeotap.com/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=4C301642401751EF9C6538F4C5E2B708 https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=d58ce8d8-d407-430f-881f-a5dc9e7df5a4&icm https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c6c51e07cb0e26746a591e19a6063b1 https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://pixel.onaudience.com/?partner=104&icm&cver&mapped=571f689c8a9be2906f062995f92d78f2 https://spl.zeotap.com/?zdid=1332&zcluid=ee2b7528189e4944 https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zclui... https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f...	95 B 164 B	129ms 117ms	Image image/png	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332 Protocol H2 Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:34 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://162.55.38.158 access-control-allow-credentials true cf-ray 6ced9ab55f6d8a86-NRT access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://mwzeom.zeotap.com/mw?google_gid=CAESEA_bnl5EEMd1sqV02UkMzN4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5a88511e-42dc-4b02-70bf-13e864b44b45&reqId=21de57d5-691d-4f09-5dcf-19f93dbfdc0c&zcluid=ee2b7528189e4944&zdid=1332 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 469 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	optimus_rules.json Show response tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	12ms 6ms	XHR application/json	99.84.128.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.128.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-128-72.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28 Request headers Referer https://162.55.38.158/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 16 Jan 2022 23:32:40 GMT content-encoding gzip age 25793 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 10 Jan 2022 15:33:32 GMT server AmazonS3 etag W/"6db43f44304c37d76768275ee4f01ba4" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json via 1.1 772492c3188ef0c45c305606d3205346.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop NRT57-C3 x-amz-cf-id T8tpvVZ9CYitih2c0ippvaABxscRc-KeaNrZRsC0pivivFUswkrDvA==
POST H2	200	data Show response bcp.crwdcntrl.net/6/	583 B 1 KB	343ms 127ms	XHR application/json	52.220.230.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.220.230.137 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-220-230-137.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash d6a872ce1c1f25d7a2b14204a62fce0f6782de268dccebc15d7d3a70c3099c07 Request headers Referer https://162.55.38.158/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:32 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://162.55.38.158 cache-control no-cache x-server 10.42.19.230 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 583 expires 0
GET H/1.1	200 OK	widget_iframe.e37c957bd3ae00473b95800b99e19cff.html Show response platform.twitter.com/widgets/ Frame 6F55	319 KB 103 KB	12ms 12ms	Document text/html	2606:2800:248:2f:1d8a:787:dc7:17df EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2F162.55.38.158 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (itm/75BF) / Resource Hash c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers Content-Encoding gzip Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 380433 Cache-Control public, max-age=315360000 Content-Type text/html; charset=utf-8 Date Mon, 17 Jan 2022 06:42:32 GMT Etag "8321d7cf58d70200c1423dfa0bca40f6+gzip" Last-Modified Tue, 11 Jan 2022 20:06:54 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (itm/75BF) Vary Accept-Encoding X-Cache HIT x-tw-cdn VZ Content-Length 105433
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	216ms 99ms	Script text/javascript	2404:6800:4004:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_fy2019.js?bust=31064092 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 17 Jan 2022 06:42:32 GMT
GET H3	200	all.js Show response connect.facebook.net/en_US/	285 KB 80 KB	92ms 45ms	Script application/x-javascript	2a03:2880:f05a:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=f9fea763dc8e8d86fda4cab5bede2f5c Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5a2d5b37ff35f5a4102174c092cdd4c75fc35439c54b480a5cd88b22f3b91ac6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://162.55.38.158/ Origin https://162.55.38.158 Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 OQvrX2o7cYZnYnKl/hHZjw== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Tue, 17 Jan 2023 04:07:27 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 82088 x-fb-rlafr 0 x-fb-debug NE/nNcrr/U8yGlRopzI3pPCsJmgy/ILmcNyRUGj66Kq6GJZdC6JXV54FmMHIsoU7MF0/OzXSWCDXmcfawP277A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 166a9ecb481d2c5198a76f3e49788efe cross-origin-opener-policy same-origin-allow-popups date Mon, 17 Jan 2022 06:42:32 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "96b37aa3847b3aee210822700e169aa9" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H/1.1	204 No Content	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match?r=76619 https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6	0 460 B	309ms 103ms	Image text/plain	209.191.163.209 INTERNAP-BLOCK-4
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6 Protocol HTTP/1.1 Server 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:33 GMT X-MERGE GDPR Optout true Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3sfo1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Mon, 17 Jan 2022 06:42:32 GMT x-content-type-options nosniff server nginx location https://ce.lijit.com/merge?pid=2&3pid=1BC06E33C23E4FB7BB6322D1DCACD6D6 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Sun, 16 Jan 2022 06:42:32 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=c36570b5f2c5883707f6f55c&_li_chk=true&previous_uuid=b93620508ae943fa98d89cefbebaef8b https://x.bidswitch.net/sync?dsp_id=42&user_id= https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=	43 B 510 B	79ms 79ms	Image image/gif	35.213.12.39 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Protocol HTTP/1.1 Server 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US), Reverse DNS 39.12.213.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:34 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id= Date Mon, 17 Jan 2022 06:42:34 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H/1.1	200 OK	59074 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60 https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60&_li_chk=true&previous_uuid=4b9311ece5534cf3af29171a6dc24e43 https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60	43 B 447 B	508ms 167ms	Image image/gif	2600:1f18:444a:4680:469d:1ee7:c700:42a5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60 Protocol HTTP/1.1 Server 2600:1f18:444a:4680:469d:1ee7:c700:42a5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:34 GMT Cache-Control no-store Connection keep-alive trace-id abec3a4d56d8bc36 Content-Length 43 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/gif Redirect headers Location https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=44819137d377a11df2fdeb60 Date Mon, 17 Jan 2022 06:42:33 GMT Connection keep-alive trace-id db2af215b9e42248 Content-Length 0 Strict-Transport-Security max-age=31536000; includeSubDomains
GET H/1.1	204 No Content	merge ce.lijit.com/ Redirect Chain https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=44819137d377a11df2fdeb60&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://ce.lijit.com/merge?pid=5014&3pid=587661effb67613db1149e96b055c81c	0 460 B	311ms 102ms	Image text/plain	209.191.163.209 INTERNAP-BLOCK-4
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5014&3pid=587661effb67613db1149e96b055c81c Protocol HTTP/1.1 Server 209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:33 GMT X-MERGE GDPR Optout true Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap3sfo1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Mon, 17 Jan 2022 06:42:33 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP='NON DSP COR CONi OUR BUS CNT' location https://ce.lijit.com/merge?pid=5014&3pid=587661effb67613db1149e96b055c81c cf-ray 6ced9aabbc0d33f6-NRT content-length 0
GET H2	200	settings Show response syndication.twitter.com/ Frame 6F55	233 B 448 B	117ms 103ms	Fetch application/json	104.244.42.200 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=3259bba9b30fcf566b0f0280d5110bc38325106d Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2F162.55.38.158 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.200 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_m / Resource Hash 2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-response-time 101 date Mon, 17 Jan 2022 06:42:32 GMT content-encoding gzip last-modified Mon, 17 Jan 2022 06:42:32 GMT server tsa_m vary Origin strict-transport-security max-age=631138519 content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com cache-control must-revalidate, max-age=600 access-control-allow-credentials true x-connection-hash a69ab721cac629563436212ef21ab4128108a5523e36cd2d1eafb26fd5b7ad38 content-length 167
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB76	13 KB 5 KB	41ms 2ms	Document text/html	2404:6800:4004:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sun, 16 Jan 2022 14:28:11 GMT expires Mon, 16 Jan 2023 14:28:11 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 58461 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame B2BB	783 B 1 KB	76ms 38ms	Document text/html	2404:6800:4004:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c998f8a8381443bc71d71dd56a0bd2561dbb83c93dcbc18845506f6e9aed803b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-+acbybtLm6SK1Pf7nR2asg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 17 Jan 2022 06:42:32 GMT date Mon, 17 Jan 2022 06:42:32 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-+acbybtLm6SK1Pf7nR2asg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 511 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	a a.dtssrv.com/	0 575 B	221ms 198ms	Ping text/html	2606:4700:3032::ac43:dc33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/a?i=4C301642401751EF9C6538F4C5E2B708&k=lotpano&v=9e743f8d9a92c66388d04411a0b616d53938fbbfddbfa8031aa811c413726951 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://162.55.38.158/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 17 Jan 2022 06:42:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INToMj%2BjVqmpy4gp%2F6SQUkBB5wmh12O5lJAOrjTGpv%2FW%2BGxosgX5nu%2FpsJ%2FCObhNx2jKjioDk8HyCBffck9LnI2PgRWO03Kttufv7fusqTeDOT5NdGklXLoVdDWGS3ZpMyb42zbySjBE1MA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 6ced9aac1ac98a7b-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	lt.iframe.html Show response tags.crwdcntrl.net/lt/shared/2/ Frame C330	2 KB 1 KB	2ms 2ms	Document text/html	99.84.128.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.128.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-128-72.nrt57.r.cloudfront.net Software AmazonS3 / Resource Hash 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ Response headers content-type text/html last-modified Mon, 01 Feb 2021 20:35:17 GMT x-amz-server-side-encryption AES256 server AmazonS3 content-encoding gzip date Sun, 16 Jan 2022 18:08:45 GMT cache-control max-age: 86400 etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 b34fbbb86a3a9401c6bffb8bf0be4216.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-C3 x-amz-cf-id JSEnHbteK-gR7-O4qjAF8X0_N1Mi5coYXSey506LwJ59seGFcDmeBA== age 81722
GET H2	200	pixels Show response bcp.crwdcntrl.net/ Frame 432B	4 KB 4 KB	75ms 74ms	Document text/html	52.220.230.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.220.230.137 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-220-230-137.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 8e1013fd230e20cdb1ec445a09e97d224fff8d40c664954f05fea67a1454d07e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Referer https://tags.crwdcntrl.net/ Response headers date Mon, 17 Jan 2022 06:42:33 GMT content-type text/html content-length 3793 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.42.7.169 server Jetty(9.4.38.v20210224)
GET H3	200	u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response pagead2.googlesyndication.com/bg/ Frame DB76	35 KB 13 KB	4ms 3ms	Script text/javascript	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 21:24:38 GMT content-encoding br x-content-type-options nosniff age 206275 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13653 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Jan 2023 21:24:38 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B2BB	0 0	44ms 44ms	Image text/html	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=3706734211883063&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	200 OK	/ wt.rqtrk.eu/ Frame 432B	43 B 356 B	782ms 256ms	Image image/gif	51.75.146.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=649256777&gdpr=1&gdpr_consent=&gdpr_pd=0&uid=571f689c8a9be2906f062995f92d78f2 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.75.146.161 , France, ASN16276 (OVH, FR), Reverse DNS de04.roqad.pl Software openresty / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:33 GMT Server openresty P3P CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA" Cache-Control no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 17 Jan 2022 06:42:32 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 432B	70 B 265 B	18ms 4ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	ltm audex.userreport.com/sync/put/ Frame 432B	43 B 433 B	259ms 229ms	Image image/gif	13.225.174.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://audex.userreport.com/sync/put/ltm?ltmid=571f689c8a9be2906f062995f92d78f2 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.174.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-174-47.nrt57.r.cloudfront.net Software nginx/1.18.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:33 GMT Via 1.1 d9419923eb3408bac80dd7ab2b11dc9e.cloudfront.net (CloudFront) Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.18.0 X-Amz-Cf-Pop NRT57-C4 X-Cache Miss from cloudfront Content-Type image/gif Connection keep-alive Content-Length 43 X-Amz-Cf-Id yM3IXtz91rbIR1Ango_iGuUVpQNoHhXF_pXsyLbkjVCTf3iCEj_5-g==
GET H2	200	tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 432B Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=571f689c8a9be2906f062995f92d78f2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe	49 B 265 B	233ms 79ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.14.201 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0f707d79-fa2e-4579-8f8d-4da8ab4bf4fe date Mon, 17 Jan 2022 06:42:33 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	403	sync.gif dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 432B	0 0	29ms 11ms	Image text/html	104.16.111.154 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.111.154 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	200	tpid=80029873466841670373130031826626971547 sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 432B Redirect Chain https://dpm.demdex.net/ibs:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=571f689c8a9be2906f062995f92d78f2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80029873466841670373130031826626971547	49 B 266 B	154ms 78ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80029873466841670373130031826626971547 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.10.129 content-type image/gif content-length 49 expires 0 Redirect headers DCS dcs-prod-tyo3-1-v024-0f6d31cb8.edge-tyo3.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID JbmnEm4mRPk= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80029873466841670373130031826626971547 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	identity c.cintnetworks.com/ Frame 432B	0 328 B	266ms 190ms	Image text/plain	13.78.59.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.cintnetworks.com/identity?a=5461&id=Lotame:571f689c8a9be2906f062995f92d78f2 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.78.59.237 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:32 GMT Vary Origin P3P CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info." Arr-Disable-Session-Affinity true Cache-Control max-age=60, private, must-revalidate Access-Control-Allow-Credentials true Keep-Alive timeout=5 Content-Length 0
GET H/1.1	200 OK	lotame sync.sharethis.com/ Frame 432B	42 B 232 B	452ms 110ms	Image image/gif	52.9.92.170 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/lotame?uid=571f689c8a9be2906f062995f92d78f2&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.9.92.170 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-92-170.us-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:33 GMT Connection keep-alive Content-Length 42 Strict-Transport-Security max-age=63072000; includeSubDomains; Content-Type image/gif
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 432B	0 338 B	403ms 129ms	Image text/plain	52.88.143.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=571f689c8a9be2906f062995f92d78f2 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.143.200 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-143-200.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:33 GMT cache-control private, no-cache, no-store x-request-time D=27 t=1642401753 x-served-by beacon-n017-pdx-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET		pixel.gif aorta.clickagy.com/ Frame 432B Redirect Chain https://aorta.clickagy.com/pixel.gif?ch=120&cm=571f689c8a9be2906f062995f92d78f2 https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 https://stags.bluekai.com/site/51557?id=c:ac4520dfb4b0acf0e1e5e0620876b0c4&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1 https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=122&cm=$_BK_UUID https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:ac4520dfb4b0acf0e1e5e0620876b0c4&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D https://d.agkn.com/pixel/10751/?che=1642401755&ip=31.204.145.171&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D164550204034000877295 https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=164550204034000877295 https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1 https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:ac4520dfb4b0acf0e1e5e0620876b0c4/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=571f689c8a9be2906f062995f92d78f2 https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphYzQ1MjBkZmI0YjBhY2YwZTFlNWUwNjIwODc2YjBjNA https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1	0 0
GET		image.sbxx global.ib-ibi.com/ Frame 432B	0 0
GET H/1.1	200 OK	utsync.ashx ml314.com/ Frame 432B	43 B 422 B	138ms 33ms	Image image/gif	52.78.12.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=50146&et=0&fp=571f689c8a9be2906f062995f92d78f2&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.78.12.132 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-78-12-132.ap-northeast-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:32 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Tue, 18 Jan 2022 01:42:33 GMT
GET H2	200	tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171 bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 432B Redirect Chain https://sync.srv.stackadapt.com/sync?nid=lotame https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171	49 B 265 B	80ms 79ms	Image image/gif	52.220.230.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.220.230.137 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-220-230-137.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.20.136 content-type image/gif content-length 49 expires 0 Redirect headers Location https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-34994e28-5115-45ad-6b4b-786bd3eda507$ip$31.204.145.171 Date Mon, 17 Jan 2022 06:42:34 GMT Connection keep-alive Content-Length 129 Content-Type text/html; charset=utf-8
GET H2	200	tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078 bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 432B Redirect Chain https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078	49 B 264 B	79ms 78ms	Image image/gif	52.220.230.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 52.220.230.137 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-220-230-137.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.1.121 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Apache-Coyote/1.1 location https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=73ba981b-5eba-4b99-a4c3-04b5548aa078 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 x-xss-protection 1; mode=block expires 0
GET H2	200	qmap sync.crwdcntrl.net/ Frame 432B Redirect Chain https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=a1e461e5-0fd9-4300-9b6e-d779120608dc	49 B 264 B	78ms 78ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=a1e461e5-0fd9-4300-9b6e-d779120608dc Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.1.167 content-type image/gif content-length 49 expires 0 Redirect headers Date Mon, 17 Jan 2022 06:42:33 GMT Server MT3 4133 baa842e master hkg-pixel-x19 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=a1e461e5-0fd9-4300-9b6e-d779120608dc Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Mon, 17 Jan 2022 06:42:32 GMT
GET H2	200	tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 432B Redirect Chain https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50	49 B 264 B	82ms 82ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.7.169 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e021b6e0-a984-453e-9133-c4a18c3c9cc4-61e50fda-4a50 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 432B	0 214 B	825ms 176ms	Image text/plain	8.39.36.142 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=7&puid=571f689c8a9be2906f062995f92d78f2&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 5e3ed5b16ff95387d0b9d1c5e78ff6a2 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 432B Redirect Chain https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YeUP2QAGOsvsywAm https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm	49 B 264 B	131ms 131ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.28.51 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT via 1.1 varnish server Varnish x-timer S1642401754.721449,VS0,VE0 x-served-by cache-itm18833-ITM x-cache HIT location https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeUP2QAGOsvsywAm&_test=YeUP2QAGOsvsywAm cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 432B	170 B 502 B	148ms 38ms	Image image/png	172.217.175.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.175.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s20-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	5907 tags.bluekai.com/site/ Frame 432B	62 B 615 B	113ms 113ms	Image image/gif	23.10.5.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=f50c5b7c6bb902a7e6ff2511adabb161 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.10.5.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-10-5-240.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Mon, 17 Jan 2022 06:42:33 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif
GET H2	200	g.json Show response aa.agkn.com/adscores/ Frame 432B	103 B 414 B	24ms 5ms	Script application/json	18.181.17.147 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aa.agkn.com/adscores/g.json?sid=9202507693 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.181.17.147 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-181-17-147.ap-northeast-1.compute.amazonaws.com Software AAWebServer / Resource Hash e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type application/json content-length 103 expires 0
GET H2	200	tpid=8715299750138243503 sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 432B Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/571f689c8a9be2906f062995f92d78f2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D https://d4074332597254059878-t8715299750138243503.id.amgdgt.com/r/telco/tuid/8715299750138243503/duid/4074332597254059878/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3... https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8715299750138243503	49 B 265 B	79ms 79ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8715299750138243503 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.16.223 content-type image/gif content-length 49 expires 0 Redirect headers Location https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8715299750138243503 Pragma no-cache Date Mon, 17 Jan 2022 06:42:33 GMT Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Content-Length 0 Strict-Transport-Security max-age=15768000 P3P policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	tp=ANXS sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/ Frame 432B Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=271606811%2Ftpid%3D%24UID%2Ftp%3DANXS https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D271606811%252Ftpid%253D%2524UID%252Ftp%253DANXS https://sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/tp=ANXS	49 B 264 B	79ms 79ms	Image image/gif	13.228.181.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/tp=ANXS Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=150%2C116%2C115%2C106%2C104%2C94%2C92%2C81%2C80%2C79%2C78%2C61%2C54%2C50%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825 Protocol H2 Server 13.228.181.101 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-181-101.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:34 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.9.87 content-type image/gif content-length 49 expires 0 Redirect headers Pragma no-cache Date Mon, 17 Jan 2022 06:42:33 GMT X-Proxy-Origin 31.204.145.171; 31.204.145.171; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com AN-X-Request-Uuid ad02e4de-e6a4-471a-8aa6-ca8b6d574594 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.crwdcntrl.net/map/c=281/rand=271606811/tpid=7456183828664835625/tp=ANXS Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/	148 KB 51 KB	42ms 3ms	Script text/javascript	2404:6800:4004:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2b8c98adb1d2f405aa95c776222f4eacb326f0622b1aaaa2dfbdebb70d11eef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 16 Jan 2022 12:26:12 GMT content-encoding gzip x-content-type-options nosniff age 65781 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51833 x-xss-protection 0 last-modified Wed, 01 Dec 2021 04:25:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Mon, 16 Jan 2023 12:26:12 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame DB76	0 9 B	4ms 2ms	Image text/plain	2404:6800:4004:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?QjdcNA Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 06:42:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2404:6800:4004:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=3706734211883063&bg=!jI-lj8vNAAaocxMpqHM7ACkAdvg8WqDKU0Y-nPfRXEM96yRzL-pzOFmlYL3PoLKdEshbMPPJ_eNGQQIAAABsUgAAAANoAQeZArgDuLC2smnYZyylZDxUUOyDXJ7RWU0vq8Nupo6ib_2AVMV0n0WgUBf11rBzBCWlvkk9Kof_ITW0XgkRcaPeqEfKFQ2jIEea6OJVD0OKmGoX6IB8JceufjO7AuUxeJObUMkIUzy6v8frdNzjBqgYB5QfdRleDKnWoJ4-TokBfKp_rguY11QxMcdD77ALHG1mcQKBiHFuiZBKsZczPvwLN364aIa5EbdioVRMnAa4XqtCQfBJs703gaWIl-ubI7fDtu9eUboAYKWFyWzqNyX30DaawiHhJRj66hagRwAsav9x_yDT2Wmelz1QzXPQKk8HtnX_0Zl1r7mpHCEciWoB5CVztxq5lHIF2NhSs8Fc4jvPCArW-k5pci46ATNocMxEEGOK9udrVqsNRvW-jrhuLJ9KaGiJIgv2IjENExWiKhEbNcjgVwsFKiq7NO8hwSqb8RtjQ4aH8P45We9QqHW-LbXU7lZccetF7jyAF4YINQXwBZJuZKjSQ-LMHNpm-dbbyLqJEMb2xwdlUIpQ3vMLPNdgsjdHWllTW-X9SovXjIccgzrI_sgTCZjjNGGBKvxYchE5x8ysaslt178OFwryYAjSOUkLfL63JbdH5ES9tPml0lLWjVx93qfla2hdQMEnrG7TZv3S1dyUJJ41yzHtu2fNCNKkBqudiQf7A4bwramZHibVkZBJdFkpPWRETzkG1ulu8STloc1dbwoTg3fjgh4mv3xhkL-vTbtX-BoT5pRT-eDETpkR8QFr6xW0kE44F4K5ASQP-SG6e-uuFgH2ahK6y3aotx2aQbLaz6gArTbO9yS_KcMG1VKDYE9RT6lCyVMIjCyulgQArEM0kYM16IvJCd_sYAic2ePIWbFpjn-Z4Jt1lHWfyjchIca6pbtF1odoWqjCbnJGuzLOttLtu2732C-KplTk9f4 Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://162.55.38.158/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 17 Jan 2022 06:42:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	metrics connect-metrics-collector.s-onetag.com/	0 73 B	213ms 71ms	Ping text/plain	99.83.181.31
General Check archive.org Show headers Download Go to Full URL https://connect-metrics-collector.s-onetag.com/metrics Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.181.31 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://162.55.38.158/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Mon, 17 Jan 2022 06:42:42 GMT content-length 0 vary Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

au.lif.co.id

URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/fontawesome-webfont.woff?v=4.0.3

Domain

au.lif.co.id

URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/fontawesome-webfont.ttf?v=4.0.3

Domain

aorta.clickagy.com

URL

https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEIjT4w9v2XzNT--0tKY5onI&google_cver=1

Domain

global.ib-ibi.com

URL

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=571f689c8a9be2906f062995f92d78f2