au.lif.co.id
162.55.38.158

Go To Rescan
Add Verdict Report

URL:
https://au.lif.co.id/
Submission Tags: krdtest
Submission: On July 19 via api (July 19th 2021, 10:46:34 pm UTC) from JP

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 60 HTTP transactions. The main IP is 162.55.38.158, located in Germany and belongs to HETZNER-AS, DE. The main domain is au.lif.co.id.
TLS certificate: Issued by R3 on July 19th 2021. Valid for: 3 months.

This is the only time au.lif.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	162.55.38.158 162.55.38.158	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00:2a6::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
60	21

13 162.55.38.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.158.38.55.162.clients.your-server.de

au.lif.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:2a6::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.34 (Niagara Falls, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	297 KB
13	lif.co.id au.lif.co.id	187 KB
7	doubleclick.net googleads.g.doubleclick.net	31 KB
7	pinimg.com i.pinimg.com	494 KB
5	google.com 1 redirects adservice.google.com www.google.com apis.google.com	163 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	facebook.net connect.facebook.net	69 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	655 B
1	wp.com i2.wp.com	1 MB
1	googleapis.com fonts.googleapis.com	1 KB
60	14

	Domain	Requested by
13	au.lif.co.id	au.lif.co.id
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	i.pinimg.com	au.lif.co.id
7	pagead2.googlesyndication.com	au.lif.co.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
2	platform.twitter.com	au.lif.co.id platform.twitter.com
2	apis.google.com	au.lif.co.id apis.google.com
2	connect.facebook.net	au.lif.co.id connect.facebook.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	syndication.twitter.com	platform.twitter.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	au.lif.co.id
1	i2.wp.com	au.lif.co.id
1	fonts.googleapis.com	au.lif.co.id
60	19

This site contains no links.

Subject Issuer	Validity	Valid
au.lif.co.id R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
histats.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://au.lif.co.id/
Frame ID: 1982A0AA831AFFD3AA899A5D75329410
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: D216B4C3A455EAC5BB6786A9D5FFF563
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98
Frame ID: 0F78264D5165FF491145C8F0657B41C5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795618&bpp=1&bdt=170&idt=109&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VaNV88nTVf&p=https%3A//au.lif.co.id&dtd=114
Frame ID: 26B7146E2F421CD7393C788B0BEF8AD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1626734795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.lif.co.id%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795626&bpp=1&bdt=178&idt=134&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=140
Frame ID: 00972D75AB793D5DCF8CEC313FD34D0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1AAE3E4C645A05FFCAC66D49F95E9F83
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js
Frame ID: ADCAFA95BC6D0534763032954C431855
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fau.lif.co.id
Frame ID: 2A4A5F477B5B067A6ACCEF16D0B11D12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B8382226F3D8F398C335DCF594FBBE68
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FB0E8516538B1D29DDC1BD52728EDA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

19
Subdomains

21
IPs

4
Countries

2541 kB
Transfer

3871 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
au.lif.co.id/ 28 KB
7 KB 1102ms
1076ms Document
text/html 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

c1aae5e535a5f98e04dd700409222fd2cff522663c090c33b8cd93d1eaaf6e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: au.lif.co.id
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Mon, 19 Jul 2021 22:46:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip

GET
H2 200 dgrd5.css
au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/ 57 KB
10 KB 14ms
13ms Stylesheet
text/css 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/dgrd5.css

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

875eab035958b7ebd3173d19445ae17afa9b77e659067fa9f093d0917b42b372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/cache/wpfc-minified/knyubath/dgrd5.css
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Sat, 22 May 2021 21:01:29 GMT
server: nginx
etag: W/"60a97129-e260"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 22:25:25 GMT
server: ESF
date: Mon, 19 Jul 2021 22:46:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Jul 2021 22:46:35 GMT

GET
H2 200 dgrd5.css
au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/ 179 KB
38 KB 20ms
19ms Stylesheet
text/css 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/dgrd5.css

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

8cafaaa832d1a44fcd5bc9ef333879f4bd0c65b26908da587e38bedb7058aea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/cache/wpfc-minified/k2u1xmc2/dgrd5.css
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Sat, 22 May 2021 21:01:29 GMT
server: nginx
etag: W/"60a97129-2cdf0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 dgrd5.js Show response
au.lif.co.id/wp-content/cache/wpfc-minified/22c680ik/ 117 KB
46 KB 27ms
26ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/cache/wpfc-minified/22c680ik/dgrd5.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

b355d58d988eeffda5b68a2dbd138c103f57580361573eadc5d2f4b66e872e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/cache/wpfc-minified/22c680ik/dgrd5.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Sat, 22 May 2021 21:01:29 GMT
server: nginx
etag: W/"60a97129-1d589"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48349
x-xss-protection: 0
server: cafe
etag: 2378802026447261366
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Jul 2021 22:46:35 GMT

GET
H2 200 7ac3a22806a1b75ec530f413506e1283.jpg
i.pinimg.com/originals/7a/c3/a2/ 216 KB
216 KB 132ms
114ms Image
image/jpeg 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7a/c3/a2/7ac3a22806a1b75ec530f413506e1283.jpg
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: acd918fab60bd4d01f1b3b5df64d70c705feb862f2c1622c9510548df2f74a94

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d8046a
etag: "699b3e7f22d1b81a76304e062e4e0d97"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 220909

GET
H2 404 search
au.lif.co.id/ 19 KB
19 KB 1343ms
1340ms Image
text/html 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.lif.co.id/search?q=quotes+indonesia&tbm=isch
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.158.38.55.162.clients.your-server.de
Software: nginx /
Resource Hash: d6081fdc0c15e254f8661b839092a65e6b1a13d5b39f7efe44716b43fb45f8a1

Request headers

:path: /search?q=quotes+indonesia&tbm=isch
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://au.lif.co.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 f5c92595ea754349fbcef81a4fcfa817.png
i.pinimg.com/originals/f5/c9/25/ 19 KB
19 KB 184ms
167ms Image
image/png 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f5/c9/25/f5c92595ea754349fbcef81a4fcfa817.png
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0eff96d38af8b7cec92519f5d782f07c9e8e6e168fb93b0e70334605ece0d778

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d80470
etag: "f04b348839c65d92915d774eb692bc6f"
vary: Origin
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 18978

GET
H2 200 ed1d4bb90f8b68ab55d026829901d19e.png
i.pinimg.com/originals/ed/1d/4b/ 57 KB
57 KB 196ms
179ms Image
image/png 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ed/1d/4b/ed1d4bb90f8b68ab55d026829901d19e.png
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7730370729040a76deef535ffcd68dcfe08787a608f083223b1eb046829de24

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d80471
etag: "74a170c44af55ad0480828c23bdd788d"
vary: Origin
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 58240

GET
H2 200 232fc5a8e6ae242fbf8adf1006606915.jpg
i.pinimg.com/originals/23/2f/c5/ 100 KB
101 KB 144ms
127ms Image
image/jpeg 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/23/2f/c5/232fc5a8e6ae242fbf8adf1006606915.jpg
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1a573a5e967cfa5db2a53b62598f96aed9705604a6fecc2c0f331b28b6714574

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d80474
etag: "6c2fa72d761f8b35a3ef89618a389929"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 102736

GET
H2 200 The-Amazing-Son-in-Law-Charlie-Wade.png
i2.wp.com/xperimentalhamid.com/wp-content/uploads/2020/09/ 1 MB
1 MB 1034ms
1016ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/xperimentalhamid.com/wp-content/uploads/2020/09/The-Amazing-Son-in-Law-Charlie-Wade.png?fit=1500%2C1200&ssl=1

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f89e8e146057831bb8eed8f3eaa50aca5401be90bb5b3561c089f9ed10958f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Mon, 19 Jul 2021 22:46:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Jul 2021 22:46:36 GMT
server: nginx
etag: "9b83ea450db43e37"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://xperimentalhamid.com/wp-content/uploads/2020/09/The-Amazing-Son-in-Law-Charlie-Wade.png>; rel="canonical"
content-length: 1091482
expires: Thu, 20 Jul 2023 10:46:36 GMT

GET
H2 200 09c2dda7ded455d2b49e2f94bb20c22d.jpg
i.pinimg.com/564x/09/c2/dd/ 31 KB
31 KB 186ms
169ms Image
image/jpeg 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/09/c2/dd/09c2dda7ded455d2b49e2f94bb20c22d.jpg
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb92e21bae70a7d8ae8c4656e24df67d0adb3bef23339e42e3cf93809cbf0431

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d80475
etag: "0a0e179647ca5ba7f69ebef8a665c406"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 31474

GET
H2 200 c21fc5130f7aec74c5ef9d744411a486.png
i.pinimg.com/originals/c2/1f/c5/ 58 KB
58 KB 196ms
180ms Image
image/png 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c2/1f/c5/c21fc5130f7aec74c5ef9d744411a486.png
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 04f8b847be99070b09f7109acc310f7f6d19dedb8a43d2c0f8e4b06ab2a435e2

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d80477
etag: "9d3f9aeb328e40a86d9028c6fad3fb79"
vary: Origin
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 58925

GET
H2 200 944834d852dd0fd694250712edfc2b1e.jpg
i.pinimg.com/474x/94/48/34/ 12 KB
12 KB 181ms
181ms Image
image/jpeg 2a02:26f0:6c00:2a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/474x/94/48/34/944834d852dd0fd694250712edfc2b1e.jpg
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 03c671c0bc58f14a8bd05b8f2deb04f360fc5e965aa57a67c0986df9714a8f13

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.eeba1002.1626734795.10d8047b
etag: "f45c949727adde61b63856bce8c0b535"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 12158

GET
H2 200 zb.js Show response
au.lif.co.id/wp-content/plugins/zerobounce/res/js/ 238 B
451 B 14ms
14ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

48278256ddcfe26a0ff820c23771028804c3eb712e6329f939993f8b505648d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/zerobounce/res/js/zb.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
last-modified: Mon, 08 Feb 2021 18:15:50 GMT
server: nginx
etag: "60217fd6-ee"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 238
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 jsscript.min.js Show response
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/ 45 KB
14 KB 19ms
19ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/jsscript.min.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

c59450d753faa88015a67dcbe38fc265d60f1c220086bc2fddb6572bd4aa111c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/flatsimplebingit/includes/assets/js/jsscript.min.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 22:24:08 GMT
server: nginx
etag: W/"5fdd2c08-b3f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 rating.js Show response
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/ 1 KB
839 B 16ms
12ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/rating.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

2636d17b8f17ecca666a78942cf022a5301d69c514abbdd242e01e4390d8287d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/flatsimplebingit/includes/assets/js/rating.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 22:24:08 GMT
server: nginx
etag: W/"5fdd2c08-456"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 custom.main.js Show response
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/ 2 KB
1 KB 16ms
12ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

0276c1ed6244ebd50f0467edb6836ab0673002c37374929442f7b94548f9c90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 22:24:08 GMT
server: nginx
etag: W/"5fdd2c08-747"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 wp-embed.min.js Show response
au.lif.co.id/wp-includes/js/ 1 KB
1002 B 19ms
15ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-includes/js/wp-embed.min.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 23:09:31 GMT
server: nginx
etag: W/"60a6ec2b-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 image.js Show response
au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
893 B 20ms
17ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/featured-image-from-url/includes/html/js/image.js
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 22:00:51 GMT
server: nginx
etag: W/"60a6dc13-8df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Tue, 20 Jul 2021 10:46:35 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 33ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:43:59 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 725516805

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://au.lif.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 2289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:08:26 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://au.lif.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 15625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

GET
H2 200 fontawesome-webfont.woff
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/ 43 KB
44 KB 24ms
22ms Font
font/woff 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/dgrd5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://au.lif.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
:path: /wp-content/themes/flatsimplebingit/includes/assets/fonts/fontawesome-webfont.woff?v=4.0.3
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: au.lif.co.id
referer: https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/dgrd5.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://au.lif.co.id
Referer: https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/dgrd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
last-modified: Fri, 18 Dec 2020 22:24:08 GMT
server: nginx
etag: "5fdd2c08-ad90"
strict-transport-security: max-age=31536000
content-type: font/woff
accept-ranges: bytes
content-length: 44432

GET
H2 200 admin-ajax.php Show response
au.lif.co.id/wp-admin/ 7 KB
3 KB 2614ms
2614ms Script
application/javascript 162.55.38.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://au.lif.co.id/wp-admin/admin-ajax.php?action=zbjs&task=getjs&md5=cb27f3b10a6114b9b8c84722545b75c8

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.38.55.162.clients.your-server.de

Software

nginx /

Resource Hash

85644de7b8a129b7eb64cc67de5e4a44507b969b9b8df4554344f531f6ab108e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-admin/admin-ajax.php?action=zbjs&task=getjs&md5=cb27f3b10a6114b9b8c84722545b75c8
pragma: no-cache
cookie: X_CACHE_KEY=ace63a13bb0c5555cdc2fe75a9357d94
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.lif.co.id
referer: https://au.lif.co.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 48 B
182 B 309ms
104ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1626734795605&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:192443478&@b3:1626734796&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fau.lif.co.id%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 Niagara Falls, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: d8f2e856c8d7729204f78731e51c1901df0ef7e5266c562ddccb40564cc3d91e

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 22:46:35 GMT
Connection: close
Content-Length: 48
Content-Type: text/html;charset=UTF-8

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ 244 KB
90 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2549139592322417&plah=au.lif.co.id&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Jul 2021 22:46:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame D216 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 04:16:37 GMT
expires: Mon, 02 Aug 2021 04:16:37 GMT
content-type: text/html; charset=ISO-8859-7
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 66598
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 82ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au.lif.co.id&callback=_gfp_s_&client=ca-pub-2549139592322417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2549139592322417&plah=au.lif.co.id&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4e6b2efec4593cc7940dcff1c824994591d6106c93e65c3426daa819633fabca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=au.lif.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.lif.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F78 58 KB
22 KB 420ms
405ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96f6620b0748f9953654b9e8c47f49d38548cfa1856371f138add4319d8378d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 22:46:36 GMT
server: cafe
content-length: 22526
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 23:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 22:46:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Mon, 19 Jul 2021 22:46:35 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26B7 436 B
235 B 218ms
218ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795618&bpp=1&bdt=170&idt=109&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VaNV88nTVf&p=https%3A//au.lif.co.id&dtd=114

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad381026126e32ad24c2f5973fa60151666633440f6b743ac15f90bfd475fcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795618&bpp=1&bdt=170&idt=109&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VaNV88nTVf&p=https%3A//au.lif.co.id&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 22:46:35 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 23:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 22:46:35 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0097 9 KB
4 KB 195ms
194ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1626734795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.lif.co.id%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795626&bpp=1&bdt=178&idt=134&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=140

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602bbc850b32a8ce6e92e6aa62dd77055647fa95712b2db74f8fba27a1c505f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1626734795&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.lif.co.id%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795626&bpp=1&bdt=178&idt=134&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=3335640630109&frm=20&pv=1&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 22:46:35 GMT
server: cafe
content-length: 4024
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 23:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 22:46:35 GMT
cache-control: private

GET
H2 200 8032553958329332431
tpc.googlesyndication.com/daca_images/simgad/ Frame 0F78 87 KB
87 KB 32ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8032553958329332431

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8b63e6385dbe62afe02ba9457bdf203773f653138f43ec812590a65130fb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 21:00:06 GMT
x-content-type-options: nosniff
age: 351990
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88633
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 16:28:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Jul 2022 21:00:06 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 0F78 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 22:39:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 0F78 2 KB
1 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 22:45:52 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F78 124 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 19 Jul 2021 22:46:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 0F78 14 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 22:37:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 0F78 26 KB
11 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 21:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
server: cafe
etag: 11229175930449698035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 21:59:12 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0F78 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuxhKywD2YO-SLZfx3wOhg4nICKzA1sNjg5TenJkO3-Ttiq4JEAEgv8jtFGCVAqABxsH-kwPIAQKoAwHIA8kEqgSsAU_QOGuNYwb5Yg8Ewg-GifsKPNLHZrUbUw9agmu_KXtqJTiQrA9MtUc0izlo3LM71ZkF0kK2iQXUzC9Rx63aN5LiPRAxcpkWILKz0X3C2lSPW37MPrjlkhCuesKf4H7oKrm_T2mJU_C81qycpHpEkXN7P21-9eXrP_iZxRsgMGo2G70sJULqI6lhtnuum7pwsa4l4wyPrc6dhmiFAfP7ILFtibCA_gF_Zw9xAHnABPmh-tTRA5IFBAgEGAGSBQQIBRgEoAYCgAeivoFsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcDEL020ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTI1NDkxMzk1OTIzMjI0MTc&sigh=bq9APICLdeA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Jul 2021 22:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Jul 2021 22:46:36 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AAE 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1626734795&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fau.lif.co.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626734795614&bpp=4&bdt=166&idt=81&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=3335640630109&frm=20&pv=2&ga_vid=836776852.1626734796&ga_sid=1626734796&ga_hid=1551172855&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1489214172447722&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GUsYPapDvw&p=https%3A//au.lif.co.id&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 19 Jul 2021 22:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0F78 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c49322d9bf7202a1cbc5a664d991ed05292c8caff57b310d13ea7da21b8e7a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AAE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk2kNpK0qnKP6vgGclUzZHNiV7j2brVTa_LpAwu9XEsZ6DefTa4VDCHK7Y4Roo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Jul 2021 22:46:36 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 19-Jul-2021 23:46:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 22:46:36 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Jul 2021 22:46:36 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame ADCA 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 19:51:29 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F78 42 B
64 B 54ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIefCWpIGEPHssu-UNH0OQ7v6AX7yVz5T_0s7ChhDJG_uB1UeQeL5qlrmI1_zK2hluSSUw4jk_siSeU8EefcvKtFC4NOWjyABdwAOzfnxxzS8_o5CFMjfjuOec4Q&sai=AMfl-YR8_Sppv-KmNaYfAZ0w6u7UhuOYPvqro2ib-Q8m7GNfZJBzOyvj5XrHku4Vk6js1tYUIbbe18yOaPfZ&sig=Cg0ArKJSzKaX4xS0stl1EAE&id=lidar2&mcvt=1000&p=138,436,326,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4110568496&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626734795716&dlt=422&rpt=76&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 22:46:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abe50c2ff0ba3e6e0c476a3600e6f9dbf4db2bd94e8639d0813ce6ae8b1c9f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /Ep7HRPLQgHD484xYPkDuA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: /oeEM4oNrxMbH3V1HuoB3zORebD6JlBwuWhxup+mMdATXBk/DP44f3Y8sjGh64zp/nJPFx1ahWed6TcsTeIrpA==
x-fb-trip-id: 686109401
x-fb-content-md5: 5501be521e26d7c79d82540b60623048
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Mon, 19 Jul 2021 22:46:38 GMT
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e573b3166e29d010943df0f97c476d14"
timing-allow-origin: *
expires: Mon, 19 Jul 2021 23:03:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 53ms
31ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e937d811b94340c4079f2ca18978600021ad0fb83e2f9eb3533f9415f8e3321

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GV+Nn1NgOW7SWi0YlvrTsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "38d1367120f0b148c2898fcb31bac827"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-GV+Nn1NgOW7SWi0YlvrTsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 19 Jul 2021 22:46:38 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 22:46:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67DF)
Age: 1477
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa1815bf5d08876a025c2afb5622e6fe7821333c19ae08c5f2c2e52cc8797e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 227 KB
66 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=afc3e70db65f1bb41a116020126ef8b9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ace2a410e603395ad253d9e72447d96c60912fada08d0eb1288bfe2da54ca9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://au.lif.co.id
Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: y9dTELv1kmLUkwALlo7QzA==
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Jul 2022 22:34:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67703
x-fb-rlafr: 0
x-fb-debug: 6wOd+mVC0V+OA2/PHubaf3d22AmwUeuzR/fb97/A2bQpaGxXLeeLkQivI+i29obI3HVbjCZ1R3E0vKbD7eujKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 2dafacec2af4551df44cc9983b6cbe2d
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Jul 2021 22:46:38 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5730299ff7730eb07e39e78c1d62c48d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 19 Jul 2021 22:46:38 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 2A4A 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fau.lif.co.id
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://au.lif.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 612436
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Jul 2021 22:46:38 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B838 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 19 Jul 2021 20:43:37 GMT
expires: Tue, 19 Jul 2022 20:43:37 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FB0 783 B
528 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

270531bc2f56598427054ecf1c347aca438b456e0e2001bcd2ecb699e12ab071

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tQh00mygyWnlfjTSgProvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.lif.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=219=RE4z_kafHfN6BU59Um8V5CPP5a3FNR8BxHp6Xj5m2VpmD8Q2vn3OdVJZ5fK3zZXO_kVHfFi6hwYotZJ_E8lq8gJz7TNnHydfJxJt_8wrzErbTNTAIv0KGjE0W5bgCeb1YrRv3OsIW2FmhYZfaF4OP0pBV8qhrSI64uvZvxxzFKo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.lif.co.id/

Response headers

expires: Mon, 19 Jul 2021 22:46:38 GMT
date: Mon, 19 Jul 2021 22:46:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tQh00mygyWnlfjTSgProvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 509
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 141 KB
141 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 17:34:33 GMT
vary: Accept-Encoding, Origin
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
x-content-type-options: nosniff
age: 18725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144268
x-xss-protection: 0
expires: Tue, 19 Jul 2022 17:34:33 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2A4A 183 B
416 B 166ms
136ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9e5c43ff25b0cc3e48a48079d845a7aa86b5112c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fau.lif.co.id

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:46:37 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 22:46:38 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 3e06f72c9ec9dedd562088e96ceb4b14e3de460a9327771ca963ad0ba3b3ae66
content-length: 152

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame B838 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 19:51:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=1489214172447722&bg=!YmGlYSXNAAZjFomlYxY7ACkAdvg8WhjeKuZPzPfrvd-ZMuVRnpvL_5a17bHdfgcmuvPDDxkFdY1FmQIAAAA_UgAAAAhoAQcKAHiKvDQjMGC7SvZ_ET3B6PLX6Hwjl6moXHYLxAZ_-kb58-dtZoCrrTtCCZ7igmn4u7KC-htHH3yhLJ50mA7K6mgh7xP0DhhGOrvi51Q7moXLg0th3OhiCG3P4mYXaUboD1d7rz9BZ-YTpzXx6awGoau1kERpaoJWydyZAmxdS54DzKHXPhQcbqeeDQIMQUsPmu335EEP22DmHdhZHi2ARCqkgxp-5R6e26kAksvHmSOHuJzXzlNJeIeKxl3hpqfr4P29Cv1G5VTAKutQow7LMss0PYjc7Gon87VHHDx4IRbHK1IaPSu5quK2Esue-zW3LZqcC50O--kTcJVnDXc-h3nwHdlRZgIN7ODFCqMTbWbf--iXQU2MRLID9zy6mqudUT8wFn3QzsI4lSygiFB04on0ZcWbg_2K4I0jKYw0_l4hrftjArjha-lEAq3BwUVwOoKg5Ef7Lfi4d_R1HNOz8xpU-_5qtVJ3RAryFUYOlgSfIEXJnudZ9S5HAsqe45nJ9BKgL6YM0EOcodaREH93tgn1zn9PjCq6H29OLEbCKqKvACPuYkV4y5_CnH7Qlaqz3JxZ-ulOFG8L1p5j2LZ4kLrsPrQIAoXqPFXEdSHGg-Oe3UBQ8W1DPI71Ug9UgDw1J_IFq2uwTQ2vlpt3cTX6zT7KWb6iOTv2_JcyVLmiCDvcXC1cxLENJMjzeBDwUk1hsxUoUREgyXU_5s_0sRmcOux1xHjSNiNJrL9QybZiUDL6vGJUwHfx3rKvMhVeq-cfvU72GsKOFYIjIr0cRAcudiKNty57_DDxW7GkhOdbYgX_mZxy4yedzHErSPclCZ744hVy3vIoK38SzF3ltcQ3EcmmpYxY31K34SZ5-ynhHMdBH_z3K4Qk22-Rl7aGI9gvx_wWR2kyiWhpkVHZ0dLxh2WTfQEKEDIidVpsTW4eNxPPoRTcC1lqS-EpyM58hRwDipJmVl61uKTupX3O-VXxjGbL6l_Ixu3wLg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.lif.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 22:46:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:52:18	Name: DSID Value: NO_DATA
.lif.co.id/	1970-01-20 05:13:50	Name: __gads Value: ID=7223be427a248078-22c9b9cc7fc800ce:T=1626734795:RT=1626734795:S=ALNI_MYyf9Dn6CipuTbsKCbYl2WhyW8kdQ
au.lif.co.id/	1970-01-20 04:37:50	Name: HstCns4513355 Value: 1
au.lif.co.id/	1970-01-20 04:37:50	Name: HstPt4513355 Value: 1
au.lif.co.id/	1970-01-20 04:37:50	Name: HstPn4513355 Value: 1
.doubleclick.net/	1970-01-20 05:13:50	Name: IDE Value: AHWqTUk2kNpK0qnKP6vgGclUzZHNiV7j2brVTa_LpAwu9XEsZ6DefTa4VDCHK7Y4Roo
au.lif.co.id/	1970-01-20 04:37:50	Name: HstCmu4513355 Value: 1626734795605
au.lif.co.id/	1970-01-20 04:37:50	Name: HstCla4513355 Value: 1626734795605
au.lif.co.id/	1970-01-20 04:37:50	Name: HstCfa4513355 Value: 1626734795605
au.lif.co.id/	1970-01-20 04:37:50	Name: HstCnv4513355 Value: 1
au.lif.co.id/	1978-01-11 21:31:40	Name: X_CACHE_KEY Value: ace63a13bb0c5555cdc2fe75a9357d94

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://au.lif.co.id/wp-content/cache/wpfc-minified/22c680ik/dgrd5.js(Line 19) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
au.lif.co.id
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.pinimg.com
i2.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
s10.histats.com
s4.histats.com
syndication.twitter.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
104.244.42.136
142.250.181.226
162.55.38.158
192.0.77.2
192.99.8.34
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:26f0:6c00:2a6::1931
2a03:2880:f01c:8012:face:b00c:0:3
46.105.201.240
0276c1ed6244ebd50f0467edb6836ab0673002c37374929442f7b94548f9c90b
03c671c0bc58f14a8bd05b8f2deb04f360fc5e965aa57a67c0986df9714a8f13
04f8b847be99070b09f7109acc310f7f6d19dedb8a43d2c0f8e4b06ab2a435e2
0eff96d38af8b7cec92519f5d782f07c9e8e6e168fb93b0e70334605ece0d778
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a573a5e967cfa5db2a53b62598f96aed9705604a6fecc2c0f331b28b6714574
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2636d17b8f17ecca666a78942cf022a5301d69c514abbdd242e01e4390d8287d
270531bc2f56598427054ecf1c347aca438b456e0e2001bcd2ecb699e12ab071
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3a8b63e6385dbe62afe02ba9457bdf203773f653138f43ec812590a65130fb7b
48278256ddcfe26a0ff820c23771028804c3eb712e6329f939993f8b505648d0
4e6b2efec4593cc7940dcff1c824994591d6106c93e65c3426daa819633fabca
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
602bbc850b32a8ce6e92e6aa62dd77055647fa95712b2db74f8fba27a1c505f7
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7c49322d9bf7202a1cbc5a664d991ed05292c8caff57b310d13ea7da21b8e7a9
7e937d811b94340c4079f2ca18978600021ad0fb83e2f9eb3533f9415f8e3321
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
85644de7b8a129b7eb64cc67de5e4a44507b969b9b8df4554344f531f6ab108e
875eab035958b7ebd3173d19445ae17afa9b77e659067fa9f093d0917b42b372
8cafaaa832d1a44fcd5bc9ef333879f4bd0c65b26908da587e38bedb7058aea4
96f6620b0748f9953654b9e8c47f49d38548cfa1856371f138add4319d8378d9
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa1815bf5d08876a025c2afb5622e6fe7821333c19ae08c5f2c2e52cc8797e48
abe50c2ff0ba3e6e0c476a3600e6f9dbf4db2bd94e8639d0813ce6ae8b1c9f65
acd918fab60bd4d01f1b3b5df64d70c705feb862f2c1622c9510548df2f74a94
ace2a410e603395ad253d9e72447d96c60912fada08d0eb1288bfe2da54ca9eb
ad381026126e32ad24c2f5973fa60151666633440f6b743ac15f90bfd475fcca
b355d58d988eeffda5b68a2dbd138c103f57580361573eadc5d2f4b66e872e30
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c1aae5e535a5f98e04dd700409222fd2cff522663c090c33b8cd93d1eaaf6e34
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c59450d753faa88015a67dcbe38fc265d60f1c220086bc2fddb6572bd4aa111c
c7730370729040a76deef535ffcd68dcfe08787a608f083223b1eb046829de24
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d6081fdc0c15e254f8661b839092a65e6b1a13d5b39f7efe44716b43fb45f8a1
d8f2e856c8d7729204f78731e51c1901df0ef7e5266c562ddccb40564cc3d91e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
eb92e21bae70a7d8ae8c4656e24df67d0adb3bef23339e42e3cf93809cbf0431
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
f89e8e146057831bb8eed8f3eaa50aca5401be90bb5b3561c089f9ed10958f23

au.lif.co.id Open in urlscan Pro 162.55.38.158

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

71 %IPv6

14 Domains

19 Subdomains

21 IPs

4 Countries

2541 kBTransfer

3871 kBSize

11 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au.lif.co.id
162.55.38.158

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

19
Subdomains

21
IPs

4
Countries

2541 kB
Transfer

3871 kB
Size

11
Cookies

60 HTTP transactions
1 data transactions