Submitted URL: https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.c...
Effective URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Submission Tags: falconsandbox
Submission: On September 21 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 6 countries across 17 domains to perform 66 HTTP transactions. The main IP is 45.60.243.175, located in United States and belongs to INCAPSULA, US. The main domain is www.bukalapak.com. The Cisco Umbrella rank of the primary domain is 126672.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2021. Valid for: a year.
This is the only time www.bukalapak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 45.60.154.227 19551 (INCAPSULA)
12 45.60.243.175 19551 (INCAPSULA)
8 95.101.23.179 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2.23.97.122 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f00... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f10... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.133 54113 (FASTLY)
3 23.48.23.25 20940 (AKAMAI-ASN1)
1 13.224.189.101 16509 (AMAZON-02)
1 13.225.78.28 16509 (AMAZON-02)
1 3.15.76.72 16509 (AMAZON-02)
1 2.18.79.132 20940 (AKAMAI-ASN1)
4 35.190.124.112 15169 (GOOGLE)
5 20.212.159.244 8075 (MICROSOFT...)
1 99.83.173.21 16509 (AMAZON-02)
1 35.71.187.5 16509 (AMAZON-02)
66 23
Apex Domain
Subdomains
Transfer
23 bukalapak.com
glimpse.bukalapak.com — Cisco Umbrella Rank: 328935
www.bukalapak.com — Cisco Umbrella Rank: 126672
s0.bukalapak.com — Cisco Umbrella Rank: 143357
t.bukalapak.com — Cisco Umbrella Rank: 79128
api.bukalapak.com — Cisco Umbrella Rank: 56938
276 KB
7 vidio.com
personalization.vidio.com — Cisco Umbrella Rank: 69003
cdp.vidio.com — Cisco Umbrella Rank: 72708
19 KB
6 vesta.io
collectorsvc.apac.vesta.io — Cisco Umbrella Rank: 62256
metrics.apac.vesta.io — Cisco Umbrella Rank: 522164
145 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
491 B
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
218 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 966
71 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 10655
certify.alexametrics.com — Cisco Umbrella Rank: 6042
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6352
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
500 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5636
www.google.com — Cisco Umbrella Rank: 2
850 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
166 KB
1 fpapi.io
tls-use1.fpapi.io — Cisco Umbrella Rank: 37260
331 B
1 vid.id
static-web.prod.vid.id — Cisco Umbrella Rank: 96791
5 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1613
430 B
66 17
Domain Requested by
9 www.bukalapak.com www.bukalapak.com
s0.bukalapak.com
8 s0.bukalapak.com www.bukalapak.com
s0.bukalapak.com
5 collectorsvc.apac.vesta.io s0.bukalapak.com
collectorsvc.apac.vesta.io
5 www.facebook.com www.bukalapak.com
connect.facebook.net
5 connect.facebook.net www.googletagmanager.com
connect.facebook.net
collectorsvc.apac.vesta.io
4 cdp.vidio.com static-web.prod.vid.id
4 analytics.tiktok.com www.googletagmanager.com
analytics.tiktok.com
3 personalization.vidio.com www.bukalapak.com
personalization.vidio.com
3 api.bukalapak.com s0.bukalapak.com
2 www.google.de www.bukalapak.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.bukalapak.com
2 unpkg.com 1 redirects www.bukalapak.com
2 t.bukalapak.com s0.bukalapak.com
2 www.googletagmanager.com www.bukalapak.com
www.googletagmanager.com
1 metrics.apac.vesta.io collectorsvc.apac.vesta.io
1 tls-use1.fpapi.io collectorsvc.apac.vesta.io
1 static-web.prod.vid.id personalization.vidio.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 certify.alexametrics.com
1 certify-js.alexametrics.com www.bukalapak.com
1 cdn.krxd.net www.bukalapak.com
1 www.google.com www.bukalapak.com
1 region1.analytics.google.com www.googletagmanager.com
1 glimpse.bukalapak.com 1 redirects
66 25

This site contains no links.

Subject Issuer Validity Valid
*.bukalapak.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-05 -
2022-12-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-01 -
2022-09-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.google.de
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-12-30 -
2022-12-29
a year crt.sh
www.static6.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-12 -
2023-07-13
a year crt.sh
certify-js.alexametrics.com
Amazon
2022-05-30 -
2023-06-27
a year crt.sh
certify.alexametrics.com
Amazon
2022-05-30 -
2023-06-28
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2022-09-12 -
2023-10-11
a year crt.sh
vid.id
DigiCert SHA2 Secure Server CA
2022-02-16 -
2023-01-21
a year crt.sh
cdp.vidio.com
GTS CA 1D4
2022-08-20 -
2022-11-18
3 months crt.sh
vsafe.apac.vesta.io
Go Daddy Secure Certificate Authority - G2
2022-01-31 -
2023-03-04
a year crt.sh
tls-use1.fpapi.io
R3
2022-08-11 -
2022-11-09
3 months crt.sh
metrics.apac.vesta.io
Amazon
2022-08-21 -
2023-09-19
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Frame ID: 63BFA93C4AA7B473CA4DE38EB3F6DD5D
Requests: 54 HTTP requests in this frame

Frame: https://personalization.vidio.com/embed.html
Frame ID: 42D7BECAB621B52F3F84B3615DDD604A
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D3036B582BA2BEF94E47CC35A6295352
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Situs Belanja Online dan Jual Beli Mudah Terpercaya | Bukalapak

Page URL History Show full URLs

  1. https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%... HTTP 301
    https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

66
Requests

98 %
HTTPS

39 %
IPv6

17
Domains

25
Subdomains

23
IPs

6
Countries

927 kB
Transfer

2733 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&o=U2hvcHBpbmcgRXhwZXJpZW5jZQ%3D%3D&p=0&subject=Penting%3A%2BKode%2BRahasia&tag=confirmation&template_id=0&type=ClickEmail&u=8r1c1n&user_email=siti.shara%40syngenta.com HTTP 301
    https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
www.bukalapak.com/confirmation/
Redirect Chain
  • https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&o=U2hvcH...
  • https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
22 KB
9 KB
Document
General
Full URL
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6ac96c902ffde611f45bc463dc98201a283bab0d001856b8250644c0015d49aa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 22:48:36 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend
westeros
x-cdn
Imperva
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-iinfo
13-494418-230341 pNNN RT(1663800516389 12) q(0 0 0 2) r(2 2) U12
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
114
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 22:48:36 GMT
location
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
strict-transport-security
max-age=15724800; includeSubDomains
x-cdn
Imperva
x-iinfo
7-5738158-5738161 nNNN RT(1663800515572 12) q(0 0 4 0) r(6 6) U11
ents-we-dested-their-had-tise-Cornesse-Exeunt-to
www.bukalapak.com/
156 KB
50 KB
Script
General
Full URL
https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
connector /
Resource Hash
9f448ea412b0a9f68d380738f4093e333653365ec148973211f590bdebad522f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
server
connector
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
13-494418-494474 NNNN CT(5 6 0) RT(1663800516389 301) q(0 0 1 -1) r(1 1) U2
cache-control
private, max-age=60
server-timing
bon, total;dur=0.16899499999999998
content-length
50877
x-cdn
Imperva
bazaar@2.41.1.css
s0.bukalapak.com/ast/bazaar-dweb/base/
124 KB
18 KB
Stylesheet
General
Full URL
https://s0.bukalapak.com/ast/bazaar-dweb/base/bazaar@2.41.1.css
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecc100f8cdfe27c5bb9e395d98226c3586e737c042282e6a3396203b7523316e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 11:32:06 GMT
etag
"17039df1c8efe5ce901637f79088211a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
18437
expires
Wed, 21 Sep 2022 23:48:36 GMT
polyfills-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
129 KB
42 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/polyfills-84753b0e71d2ce8a7070.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48f9146510aa8ad9146018d15d76a02b6df1f9afe4aebabe4d00b5d03f15a0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:39 GMT
etag
"02ff8d769decf2e460af21e1c8f49177"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
42936
expires
Wed, 21 Sep 2022 23:48:36 GMT
vnd-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
127 KB
45 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55cdf6ed42266a91ef60372bc0bb22166650950a475d0634b58dcc611f8c2797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:41 GMT
etag
"19eea1b99a59069d59ddd08755538f85"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
45830
expires
Wed, 21 Sep 2022 23:48:36 GMT
summoner-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
60 KB
20 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fc23dde649c9e0bc33247a5ad56b5effce74200cb109590aef335fb0fb5a1c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:39 GMT
etag
"5600a386d58d593d07109cae1cc275a9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
20270
expires
Wed, 21 Sep 2022 23:48:36 GMT
app-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
135 KB
40 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bcab2c337f9dd6cac7fb54123beb4f55e2d0a76f57cef17028bf07a37c18348e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:38 GMT
etag
"a0e958927e1b4ec36123de91d8a92b12"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
40391
expires
Wed, 21 Sep 2022 23:48:36 GMT
vesta-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
6 KB
3 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/vesta-84753b0e71d2ce8a7070.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65d588acf9f28f794017d3871783991b3ff26ff8fd814e011f2261ccec5acfd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:41 GMT
etag
"0689a6432c184d46da6d439dac90989e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
2505
expires
Wed, 21 Sep 2022 23:48:36 GMT
_Incapsula_Resource
www.bukalapak.com/
142 KB
20 KB
Script
General
Full URL
https://www.bukalapak.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=523348992
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1453273db2f91bf57fcdcaa2543b6b156836f7f293078ad2671fd15883059498

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20246
content-type
application/javascript
application-v2-84753b0e71d2ce8a7070.css
s0.bukalapak.com/marketplace/
29 KB
21 KB
Stylesheet
General
Full URL
https://s0.bukalapak.com/marketplace/application-v2-84753b0e71d2ce8a7070.css
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecd8177a8492fa4527d411920f73ba0c1f2d020284e573cfb2a76c271337e3e3

Request headers

Referer
https://www.bukalapak.com/
Origin
https://www.bukalapak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:38 GMT
etag
"c789005c3a107a09e181368fa062fc7a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
21047
expires
Wed, 21 Sep 2022 23:48:36 GMT
gtm.js
www.googletagmanager.com/
303 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc915714243391970f804af3b196a3db1f93f2f07484da31c68bfd3d2ca57765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94292
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 22:04:26 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Sep 2022 22:48:37 GMT
_Incapsula_Resource
www.bukalapak.com/
1 B
35 B
Image
General
Full URL
https://www.bukalapak.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8844688597416475
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
track_external.json
www.bukalapak.com/
28 B
242 B
XHR
General
Full URL
https://www.bukalapak.com/track_external.json
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b6111a8db7c513ab149725f432d388ff04a6729a64fb6f12fe3239418d08e589
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-iinfo
13-494418-230341 pNYN RT(1663800516389 571) q(0 0 0 -1) r(3 3) U6
strict-transport-security
max-age=15724800; includeSubDomains
x-backend
siburung
track-external-visit
www.bukalapak.com/
62 B
228 B
XHR
General
Full URL
https://www.bukalapak.com/track-external-visit
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
108d1d501d86d83b0a53ceb3e68548aa3eaf5bd3ad873a18e418e05c6d8cc20f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
application/json
access-control-allow-origin
*
x-iinfo
13-494418-244779 pNYN RT(1663800516389 582) q(0 0 0 -1) r(3 3) U6
strict-transport-security
max-age=15724800; includeSubDomains
x-backend
siburung
westeros_auth_proxies
www.bukalapak.com/
210 B
584 B
XHR
General
Full URL
https://www.bukalapak.com/westeros_auth_proxies
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-backend
westeros
date
Wed, 21 Sep 2022 22:48:37 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-494418-274584 pNYN RT(1663800516389 587) q(0 0 0 -1) r(3 3) U6
x-xss-protection
1; mode=block
access-control-allow-credentials
true
vary
Accept-Encoding
x-cdn
Imperva
e
t.bukalapak.com/
2 B
428 B
Fetch
General
Full URL
https://t.bukalapak.com/e
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.227 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
Env
production
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bukalapak.com
x-iinfo
14-17067966-17067766 PNYN RT(1663800516881 217) q(0 1 1 1) r(2 2) U6
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
e
t.bukalapak.com/ Frame
0
0
Preflight
General
Full URL
https://t.bukalapak.com/e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.227 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
env
Access-Control-Request-Method
POST
Origin
https://www.bukalapak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Env
access-control-allow-methods
POST
access-control-allow-origin
https://www.bukalapak.com
access-control-max-age
300
content-length
0
date
Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cdn
Imperva
x-iinfo
14-17067966-17067766 PNNN RT(1663800516881 11) q(0 0 0 1) r(2 2) U6
svc-desktop-services-snackbar-index-84753b0e71d2ce8a7070.js
s0.bukalapak.com/marketplace/
10 KB
3 KB
Script
General
Full URL
https://s0.bukalapak.com/marketplace/svc-desktop-services-snackbar-index-84753b0e71d2ce8a7070.js
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
708c2842501b80fbbe909a3a56cb6c0eb0d688a9cb0ad49eacc684e8a97749a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 08:00:40 GMT
etag
"65dd7e5f548bf4e32b352e589b9cbf9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
3183
expires
Wed, 21 Sep 2022 23:48:37 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.0.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
577570
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1a22-hgiiFG7C7LJYmxvR7SzubSsy+G8"
fly-request-id
01GCZX07Q7Q78Z7M2AKK5H4X3P-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74e65970ecd39180-FRA

Redirect headers

date
Wed, 21 Sep 2022 22:48:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GDH3DR3AJ6PFCZW2T8EPDHJ5-fra
server
cloudflare
age
408
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@3.0.2/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74e65970bc9e9180-FRA
access-control-allow-origin
*
js
www.googletagmanager.com/gtag/
210 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdc6efb47f2ecd0ecc31cad223528f7231b43b4268399a752e761c4a6b4c10bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74676
x-xss-protection
0
expires
Wed, 21 Sep 2022 22:48:37 GMT
sdk.js
analytics.tiktok.com/i18n/pixel/
127 KB
38 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8678773bb9d86b20fe04878d39f842598e74b85a467be6a0739ea0c74db78efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
42ed6735.4036205d
date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-0-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time
165,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=151, origin; dur=15, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
20220921224837897F86A556B6EE4ABA8F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.222.0.196
x-tt-trace-host
012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3a7a6edb35599b5a2d38bec009a1ceeb76c4b79d399c407743af1e405c989d3dfa1d9a30383124dab7e3fd09404242097233a28a40f5e8ce3c7039cfa77509ac6e
expires
Wed, 21 Sep 2022 22:48:37 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
6397
date
Wed, 21 Sep 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Wed, 21 Sep 2022 23:02:00 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
X4FK4c9YEscgTUfYhDtNk4m4WQgOjRlM7nyx5l+L8uqLXKU743yeoUJ5xf4pfkDYAHSRhR0jmNopnpdipDEowA==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ents-we-dested-their-had-tise-Cornesse-Exeunt-to
www.bukalapak.com/
585 B
741 B
Fetch
General
Full URL
https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to?d=www.bukalapak.com
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
connector /
Resource Hash
aaa6f143250909e7871f7e3bbd1fb3e33f5a12b2bdd434570f7ae8c7f2638190

Request headers

Accept
application/json; charset=utf-8
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
server
connector
content-type
application/json
access-control-allow-origin
*
x-iinfo
13-494418-494474 PNYN RT(1663800516389 834) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=38.961244
x-cdn
Imperva
toggles
api.bukalapak.com/_exclusive/neo/
107 B
660 B
XHR
General
Full URL
https://api.bukalapak.com/_exclusive/neo/toggles?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
348144ef91f759d9e57ea42a782792fdd4f6ea60edbadf717b580b921a293988
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
x-route-pattern
/_exclusive/neo/toggles
x-iinfo
14-566951-477617 pNYN RT(1663800517318 214) q(0 0 0 2) r(2 2) U5
vary
Origin
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bukalapak.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
toggles
api.bukalapak.com/_exclusive/neo/ Frame
0
0
Preflight
General
Full URL
https://api.bukalapak.com/_exclusive/neo/toggles?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bukalapak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bukalapak.com
access-control-max-age
86400
content-length
0
date
Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cdn
Imperva
x-iinfo
14-566951-477617 pNNN RT(1663800517318 13) q(0 0 0 0) r(2 2) U5
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
ZEe2xwBlM6gexiaAF6gffhMXpfGbAVnkaXDLGyt+lafn6tI7tlK/Vt32P+BfUWk2dVnwdVrOBt9H0fBwB6d9iA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
410856109079318
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/410856109079318?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
99306dcb7352777a519f45710985c25befca6709d69bd5db16a846814c140b2d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86060
x-xss-protection
0
pragma
public
x-fb-debug
SLRyfWDdyAh/LqMxUdWMlM18eOHqEDG6N8lMx9+SpAQ6QuLriZSt8G+aa5DOjA/2+/sQhNuS6+qnvrPAiRizRQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
349 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R2T40V5QM5&gtm=2oe9j0&_p=1812571398&_gaz=1&cid=1156350718.1663800517&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663800517&sct=1&seg=0&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&dt=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 22:48:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bukalapak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R2T40V5QM5&cid=1156350718.1663800517&gtm=2oe9j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 22:48:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bukalapak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R2T40V5QM5&cid=1156350718.1663800517&gtm=2oe9j0&aip=1&z=2052692901
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&gjid=2059597594&_gid=12419507.1663800517&_u=YCDAgEABAAAAAE~&z=1079917706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Sep 2022 22:48:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.bukalapak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1812571398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&ul=en-us&de=UTF-8&dt=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=2147039513&gjid=2059597594&cid=1156350718.1663800517&tid=UA-12425854-1&_gid=12419507.1663800517&gtm=2wg9j0THDD63&cd2=Guest&z=25122954
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 19:18:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12602
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=410856109079318&ev=PageView&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&rl=&if=false&ts=1663800517401&sw=1600&sh=1200&ud[cn]=a56145270ce6b3bebd1dd012b73948677dd618d496488bc608a3cb43ce3547dd&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1663800517400.74702036&it=1663800517300&coo=false&tm=1&rqm=GET
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 21 Sep 2022 22:48:37 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&_u=YCDAgEABAAAAAE~&z=644701754
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&_u=YCDAgEABAAAAAE~&z=644701754
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
42ed6c19.40362189
date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-0-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time
103,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=6, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
20220921224837897F86A556B6EE4ABAA7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.222.0.196
x-tt-trace-host
012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3a7a6edb35599b5a2d38bec009a1ceeb76c4b79d399c407743af1e405c989d3dfa97b24aabfe0232d2d4348532bd406b2e7aa36ce81daa090d06b13411ace69441
expires
Wed, 21 Sep 2022 22:48:37 GMT
config.js
analytics.tiktok.com/i18n/pixel/
867 B
1 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7EMQ24RNSL79GUTC4B0&hostname=www.bukalapak.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
05b15b9380be5bd4111e848854bfd1ef98b52baae76eb0426f28ae604a1d9ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
11dc8a0d.403621cb
date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-36-66-38.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time
103,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=5, inner; dur=3
content-length
349
pragma
no-cache
server
nginx
x-tt-logid
202209212248379972B86144E27F4DFDE7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.36.66.38
x-tt-trace-host
012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3afa56961b8f4d989dcd9a040de4d0b812dfc31c3877c4846f32140032d901ee50b86a5d15e584d0ad40bb5149c73e111ea3cd96589338c68fc2e71293a4d2f736
expires
Wed, 21 Sep 2022 22:48:37 GMT
westeros_auth_proxies
www.bukalapak.com/
210 B
475 B
XHR
General
Full URL
https://www.bukalapak.com/westeros_auth_proxies
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-backend
westeros
date
Wed, 21 Sep 2022 22:48:37 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
13-494418-274584 pNYN RT(1663800516389 1352) q(0 0 0 -1) r(3 3) U6
x-xss-protection
1; mode=block
access-control-allow-credentials
true
vary
Accept-Encoding
x-cdn
Imperva
pixel
analytics.tiktok.com/api/v2/
0
685 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
cce9aa8c.403622a1
date
Wed, 21 Sep 2022 22:48:37 GMT
x-cache-remote
TCP_MISS from a23-222-0-201.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time
123,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=18, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220921224837647F8106BA360D3DD751
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.222.0.201
x-tt-trace-host
012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3aeb061680a8641d677d08a4eefb9a6b9de9e40f57118642f04d0b85119934c73776689f443411883ad4bd98d8af36d267607c095bb60c52240b54ed5df2165a34
expires
Wed, 21 Sep 2022 22:48:37 GMT
tgpnc5f66.js
cdn.krxd.net/controltag/
2 B
430 B
Script
General
Full URL
https://cdn.krxd.net/controltag/tgpnc5f66.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 21 Sep 2022 22:48:37 GMT
via
1.1 varnish, 1.1 varnish
age
603
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22
x-served-by
config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000162-IAD, cache-hhn4052-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1663800518.804558,VS0,VE1
etag
"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
embed.html
personalization.vidio.com/ Frame 42D7
1 KB
998 B
Document
General
Full URL
https://personalization.vidio.com/embed.html
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-25.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
bf962d4454782196e44e22e305684485271e82e07fa6dc763dede14b0e6358db

Request headers

Referer
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
598
content-type
text/html
date
Wed, 21 Sep 2022 22:48:37 GMT
etag
"bf09eeb2fb34d7151ed49bf8a4dae7d1"
last-modified
Mon, 07 Mar 2022 09:28:14 GMT
server
UploadServer
unused62
8096267
vary
Accept-Encoding
x-goog-hash
crc32c=fTHzvw== md5=vwnusvs01xUe1Jv4pNrn0Q==
x-guploader-uploadid
ADPycdvgacihFML2KfiXVIN3B2yBcqC4xOmOh7GEwY3IYQ9rbDE9OIz5BhfPxu_TaE4-hWBbw4TPjWD8WXJjcYzv8BU
embed.js
personalization.vidio.com/
28 KB
11 KB
Script
General
Full URL
https://personalization.vidio.com/embed.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-25.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
001019d8761f1b4efd62710dd3c7772556a73dc4aaab4e12707db4c3022b9a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvFrGPsGcwV9jP9gB0IVDXpGw5sN2aFEWPgx_rJeg-3o-d0JnQD_R2y9fDjSES2Fkl8MKZtruE1gj8ZYBJJX1U
x-goog-hash
crc32c=YeMUWQ==, md5=C8ZHz56alkvUyh7+dDqaxw==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10552
last-modified
Mon, 07 Mar 2022 09:28:12 GMT
server
UploadServer
etag
"0bc647cf9e9a964bd4ca1efe743a9ac7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
9305038
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
nOxenwVg78ferD0rKtGMJflze30Zh2ZAmhJbyfbfdSl1aV81FTdKuw==
atrk.gif
certify.alexametrics.com/
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&time=1663800517806&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&random_number=18406388328&sess_cookie=68629dc4183623d24ad7f68fdf0&sess_cookie_flag=1&user_cookie=68629dc4183623d24ad7f68fdf0&user_cookie_flag=1&dynamic=true&domain=bukalapak.com&account=4Fkbi1aoZM00Ua&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 02:09:43 GMT
Via
1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
74335
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
HxgEOx26689TBJtWjDpIFqbPFIcBWjgRiVUiXbFgtSQ2UE05QCOyDg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.76.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-76-72.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:38 GMT
server
Server
ahoy-falcon-2022-01-13-02-35-43.js
static-web.prod.vid.id/ahoy/ Frame 42D7
15 KB
5 KB
Script
General
Full URL
https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Requested by
Host: personalization.vidio.com
URL: https://personalization.vidio.com/embed.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.132 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-132.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32

Request headers

Referer
https://personalization.vidio.com/
Origin
https://personalization.vidio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 08:20:30 GMT
server
UploadServer
etag
"c805d2d1d4987fcfda26b9bfd5956759"
vary
Accept-Encoding
x-goog-hash
crc32c=q/fApw==, md5=yAXS0dSYf8/aJrm/1ZVnWQ==
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-transform, max-age=31453341
access-control-allow-methods
GET,POST
accept-ranges
bytes
x-guploader-uploadid
ADPycdsVHQUTYtvHk8GQV-lTmbSkcJgr6fpsCr0Y5UIu5w4jr2s2jEP1LR-PCkLxYtFfiQ9IsFM0QEl-Z0cySm4DkYo
content-length
4447
embed-internal.e8fa0db3036d99f15525.js
personalization.vidio.com/ Frame 42D7
18 KB
7 KB
Script
General
Full URL
https://personalization.vidio.com/embed-internal.e8fa0db3036d99f15525.js
Requested by
Host: personalization.vidio.com
URL: https://personalization.vidio.com/embed.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-25.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
98d93aebb9f36b59f681e57cf0e84f102fcd39ceab9c0f7c93f457f9ff4427c2

Request headers

Referer
https://personalization.vidio.com/embed.html
Origin
https://personalization.vidio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Wed, 21 Sep 2022 22:48:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdseN2Hl_oT59xtnRVnJ4VDv2f6Gias2gndZaAV0jOmcAaCXHKcz124joRMJWtAxvS6auJ5_kqk93i5yvgncbDc
x-goog-hash
crc32c=5OLK/g==, md5=nZyKBt91RyK3EOVPHmVZ+Q==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
7046
last-modified
Mon, 07 Mar 2022 09:28:11 GMT
server
UploadServer
etag
"9d9c8a06df754722b710e54f1e6559f9"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
/
www.facebook.com/tr/ Frame D303
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.bukalapak.com
Referer
https://www.bukalapak.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.bukalapak.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 22:48:37 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
visits
cdp.vidio.com/ahoy/ Frame
0
0
Preflight
General
Full URL
https://cdp.vidio.com/ahoy/visits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.124.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://personalization.vidio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Accept, Content-Type, X-Requested-With
access-control-allow-methods
POST
access-control-allow-origin
https://personalization.vidio.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Sep 2022 22:48:38 GMT
server
nginx
server-node
emtek-cdp-vertx-prod-zq6n
via
1.1 google
visits
cdp.vidio.com/ahoy/ Frame 42D7
0
12 B
XHR
General
Full URL
https://cdp.vidio.com/ahoy/visits
Requested by
Host: static-web.prod.vid.id
URL: https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.124.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://personalization.vidio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://personalization.vidio.com
date
Wed, 21 Sep 2022 22:48:38 GMT
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
server-node
emtek-cdp-vertx-prod-zgfq
fds-sessions
api.bukalapak.com/_exclusive/payments/credit-cards/
91 B
579 B
XHR
General
Full URL
https://api.bukalapak.com/_exclusive/payments/credit-cards/fds-sessions?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0eb80db5686a46fbff05324f66fc724628370c994b854292ce08fc572be30f84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
x-route-pattern
/_exclusive/payments/credit-cards/fds-sessions
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.bukalapak.com
x-iinfo
14-566951-477617 pNYN RT(1663800517318 732) q(0 0 0 -1) r(3 3) U5
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
29b693be15276d64305bd58e24b15f9d
vdccs.js
collectorsvc.apac.vesta.io/DCCSProxy/Service/
142 KB
143 KB
Script
General
Full URL
https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Requested by
Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vesta-84753b0e71d2ce8a7070.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b732a522be4e8d7246eb7b3b6502a9b37714573bba086f4771e51f577235e05
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:48:39 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, X-Custom-Header
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
InsertUserData
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ Frame
0
0
Preflight
General
Full URL
https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertUserData
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bukalapak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, X-Custom-Header
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Date
Wed, 21 Sep 2022 22:48:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b542cd53e3af1271d6f73def8dd7c024447ccfa82d177f9e73138d97ec162588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LzgpDVB32AwGrzwpoLen0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
K/XhwJRzoqoIMxBiWfkDuIy+xGdkJQPy0xlOM7MeugILGxzr7m/NFTOEoCOrW32RtloqS+JP8zd3lupWeEhkmQ==
x-fb-content-md5
d02a16e8e6c2db9ee5c93944ae1f957e
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Sep 2022 22:48:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ea1399ed13fa5fdfb82c90aa9a71d04b"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 21 Sep 2022 23:06:34 GMT
InsertUserData
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/
20 B
627 B
XHR
General
Full URL
https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertUserData
Requested by
Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1acb58320a660fa8c651a61aa84acfd385b0cd0be1c27e774478977475d3be52
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 21 Sep 2022 22:48:40 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Security-Policy
default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Headers
Content-Type, X-Custom-Header
Content-Length
20
X-XSS-Protection
1; mode=block
/
tls-use1.fpapi.io/
204 B
331 B
XHR
General
Full URL
https://tls-use1.fpapi.io/
Requested by
Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.173.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a64bed9ff5004f5b3.awsglobalaccelerator.com
Software
/
Resource Hash
4ee471d4c389d1ed0e2d427ef0ed282323d81d930a30e26ad5358ac76398c55a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=2592000, immutable, private
date
Wed, 21 Sep 2022 22:48:40 GMT
content-length
204
content-type
text/plain; charset=utf-8
sdk.js
connect.facebook.net/en_US/
313 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d1c65fab129966702ab7e5a2f499882d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5829627535a23ecd89d818a4b6c7062dedecaae16702877bdf359ed992e9dec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bukalapak.com/
Origin
https://www.bukalapak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MGqgFFLQEpvtDsHju8Oz9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87333
x-fb-rlafr
0
x-fb-debug
bNGYD8ORf4d+26mbJ7JP9l3T+Qk3aLKB7eaXZ/+rnC9cNGsrdo4/jdglZFS/2ClmQMxgpYD/kZ6Z6zH9GwiJnw==
x-fb-content-md5
2e98c6cd19769d22c628eacf5f34ea5b
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Sep 2022 22:48:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8683960670f9111b8b2b981a92f713e3"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 21 Sep 2023 22:06:43 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=941008879243673&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d1c65fab129966702ab7e5a2f499882d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2vjpL6o5klUwvT8j/3a9IyCf2jEozi23OJ17NUIFnGUt5ifRQuAD70uTS7VZxyikXMeT00fCxfMNtEvioEy06g==
fb-s
unknown
date
Wed, 21 Sep 2022 22:48:39 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bukalapak.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=941008879243673&ev=fb_page_view&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&rl=&if=false&ts=1663800519969&sw=1600&sh=1200&at=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 21 Sep 2022 22:48:39 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=941008879243673&ev=fb_page_view&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&rl=&if=false&ts=1663800519972&sw=1600&sh=1200&at=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bukalapak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:48:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 21 Sep 2022 22:48:39 GMT
/
metrics.apac.vesta.io/
356 B
858 B
XHR
General
Full URL
https://metrics.apac.vesta.io/?ci=js/3.5.6
Requested by
Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.187.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a21127ed02ce71173.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e80e1aa3fa612afee5083f2b71de17328e672175cfc2cfac8f5fe2a6711fe97b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
server
nginx
date
Wed, 21 Sep 2022 22:48:41 GMT
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
https://www.bukalapak.com
access-control-expose-headers
Retry-After
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
vary
Origin
content-length
356
x-content-type-options
nosniff
events
cdp.vidio.com/ Frame 42D7
0
12 B
XHR
General
Full URL
https://cdp.vidio.com/events
Requested by
Host: static-web.prod.vid.id
URL: https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.124.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://personalization.vidio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://personalization.vidio.com
date
Wed, 21 Sep 2022 22:48:41 GMT
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
server-node
emtek-cdp-vertx-prod-zq6n
events
cdp.vidio.com/ Frame
0
0
Preflight
General
Full URL
https://cdp.vidio.com/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.124.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://personalization.vidio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Accept, Content-Type, X-Requested-With
access-control-allow-methods
POST
access-control-allow-origin
https://personalization.vidio.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Sep 2022 22:48:41 GMT
server
nginx
server-node
emtek-cdp-vertx-prod-zq6n
via
1.1 google
InsertFingerprintPro
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/
45 B
652 B
XHR
General
Full URL
https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertFingerprintPro
Requested by
Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe76fa9203057f310284e662210a817cc642fc5e1e94dcc995d3e750359725b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bukalapak.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 21 Sep 2022 22:48:41 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Security-Policy
default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Headers
Content-Type, X-Custom-Header
Content-Length
45
X-XSS-Protection
1; mode=block
InsertFingerprintPro
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ Frame
0
0
Preflight
General
Full URL
https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertFingerprintPro
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bukalapak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, X-Custom-Header
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Date
Wed, 21 Sep 2022 22:48:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| USER string| IDENTITY string| BROWSER_ID string| APP_SHELL object| APP object| a0_0x1bd3 function| a0_0x3b41 object| reese84 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha object| dataLayer object| regeneratorRuntime function| setImmediate function| clearImmediate function| Vue object| Vuex object| STORE function| axios function| ENGINE object| API object| westerosJsonp object| webpackChunkExternalVisitTracker object| externalTracker object| Tracker object| TRACKER_P object| vestaQueue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| VidioPersonalizationHandler object| webVitals function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData string| TiktokAnalyticsObject object| ttq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge string| userId string| email undefined| phone object| vestaSession function| setCookie function| getParam object| gclid object| merchid object| blca function| Krux object| a object| _atrk_opts function| atrk boolean| _atrk_fired object| VidioPersonalization function| ontouchstart object| FingerprintJS object| vStream object| vCustomer object| vestaConfig object| PointerEventsPolyfill function| VestaJSONProxy function| fbAsyncInit number| verOffset number| width number| height object| FB object| __buffer

30 Cookies

Domain/Path Name / Value
www.bukalapak.com/confirmation Name: logLevel
Value: 0
www.bukalapak.com/confirmation Name: vstreamID
Value: 121_2033198143
.bukalapak.com/ Name: visid_incap_2719319
Value: eGd+4LlMSk2oyr5YHQdFNcOUK2MAAAAAQUIPAAAAAACga0cXvWix6xpQ8oLlZgo0
.bukalapak.com/ Name: incap_ses_273_2719319
Value: JUUqfY4coFEqCONRyuTJA8SUK2MAAAAAjrO3uNo+SplmBJq+Ugho+Q==
www.bukalapak.com/ Name: browser_id
Value: 1bd6735f445bda6be1e65ec74f677cff
.bukalapak.com/ Name: identity
Value: c47a0cba7ff96076dd5d72394db7768c
.bukalapak.com/ Name: browser_id
Value: 39d8556afefee2628bb1ffeb5c2c9256
.bukalapak.com/ Name: session_id
Value: 376b2cc6a4e2bb3f07bd8422ab508c9a
.bukalapak.com/ Name: nlbi_2720203
Value: FfifAbVRESx1fVm2aKZlFQAAAABHAq7ntn30oE894sTu6osQ
.bukalapak.com/ Name: visid_incap_2720203
Value: FKO6/Z97Tbm76ckHemPGccSUK2MAAAAAQUIPAAAAAAC5ZZUYppRG/BJTn9MXP20o
.bukalapak.com/ Name: incap_ses_7228_2720203
Value: gpHVWDjDalsmUDQLOQRPZMSUK2MAAAAAFhkn+F9HAjdUFyUllIxyng==
.bukalapak.com/ Name: external_visit_tracker_marketplace
Value: {%22referrer%22:%22%22%2C%22url%22:%22https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=%22%2C%22max_ages%22:%222022-09-21T23:18:36.970Z%22}
.bukalapak.com/ Name: nlbi_2720203_2147483392
Value: NK7cDHu6rR/h20AGaKZlFQAAAABRFA8/gA9NDIPhCXmVvtHn
.www.bukalapak.com/ Name: reese84
Value: 3:qQs7NNSc+F2fKkn3dgw1uQ==:5QctgtPAlTB9/yXs3nuWW0T19mlxFfIP7p9+dnQ19DiCMaqS4jYI6Eud0rEPM7RgcfR155GDsboPeOEBq/i+S5BQ4CT4CLWmxu2TewbHOE4OTEypZ4AHCm/L+JENo67wmtkJbMosRLKqnRz/ng/bk+5T6hH7DwfxZlJ74Rdj0BjIqITTDdOFh7Z9To8kGwR1iIixZCxQlaXtW1r2fmsi393e0jwukKgg+KcwBOY3bbYjC7PrbphwE5AvgbfTBNIVMx1t8OEvtbU2FczMmEsO5fXzRYagQDk79P+qPbB7s1PCVy+aK1CzzfNkyfj/+RKW8FvLs58/KTc+hA0fUfmzu/69sJpP+bK80pGafuOn2qpzlfuX5oQeG5JFfkrqg0qmX5fd0kgfcLcQZ6Wbgo8V7YepIG0QX4rKp/tz52gUwbLDIKb51p2KSzJYgfTsztT/:xqtgbVDv97Syd9CcKMYDybEfAzltLlAmf8C8ah1LVh8=
.bukalapak.com/ Name: _ga_R2T40V5QM5
Value: GS1.1.1663800517.1.0.1663800517.60.0.0
.bukalapak.com/ Name: _ga
Value: GA1.2.1156350718.1663800517
.bukalapak.com/ Name: _gid
Value: GA1.2.12419507.1663800517
.bukalapak.com/ Name: _dc_gtm_UA-12425854-1
Value: 1
.bukalapak.com/ Name: _fbp
Value: fb.1.1663800517400.74702036
.tiktok.com/ Name: _ttp
Value: 2F6788YGGEyaH6XUuAhS5ztVP32
.bukalapak.com/ Name: _tt_enable_cookie
Value: 1
.bukalapak.com/ Name: _ttp
Value: b1be062e-a95d-4e8b-a36f-5fecb469137a
.bukalapak.com/ Name: _gcl_au
Value: 1.1.636475229.1663800518
.bukalapak.com/ Name: __asc
Value: 68629dc4183623d24ad7f68fdf0
.bukalapak.com/ Name: __auc
Value: 68629dc4183623d24ad7f68fdf0
.vidio.com/ Name: ahoy_visitor
Value: 2b9b27f2-c15e-42dd-a4bd-524bd2d3d756
.vidio.com/ Name: ahoy_visit
Value: 1c1a2bc0-3488-447b-b05f-af4c177700ef
.bukalapak.com/ Name: lskjfewjrh34ghj23brjh234
Value: NVJnU2g0dUhTRld6SGY2Y0s1dVJZY3NHVytWSnB0Nmhhb1RKRS82MGR2TFQwYzNBc1V1U3UvcERJZmtOZmVQc2ZnakJQRnkxTXJsNVZPd1V3Z082cnc9PS0teFlQVWFyckhyMVErZGhNd3p5ZEZaQT09--6501906036a61292526595323873ffa20c030b10
.vesta.io/ Name: _iidt
Value: NJmllm9ZnLrX8C9oOtkQ7sGeFdAdRx6DcAwXqbvt6Ae4pX9HxqnYigWtMthbOA3L6j8x/z8kcI2T8Mc2SuOlulYRrm0we9U=
.bukalapak.com/ Name: _vid_t
Value: jzNgjFd7u6JzGoB6oaGm9gbelQrUnjJ2ZpDKKMJytuVrTToobsk5n/gWNnEaJAMxvOdS/G7WDLkAjXQQyqe9fI3akM8NYAc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.bukalapak.com
cdn.krxd.net
cdp.vidio.com
certify-js.alexametrics.com
certify.alexametrics.com
collectorsvc.apac.vesta.io
connect.facebook.net
glimpse.bukalapak.com
metrics.apac.vesta.io
personalization.vidio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
s0.bukalapak.com
static-web.prod.vid.id
stats.g.doubleclick.net
t.bukalapak.com
tls-use1.fpapi.io
unpkg.com
www.bukalapak.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.189.101
13.225.78.28
151.101.194.133
2.18.79.132
2.23.97.122
20.212.159.244
2001:4860:4802:34::36
23.48.23.25
2606:4700::6810:7aaf
2a00:1450:4001:813::200e
2a00:1450:400c:c06::9d
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2008
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.15.76.72
35.190.124.112
35.71.187.5
45.60.154.227
45.60.243.175
95.101.23.179
99.83.173.21
001019d8761f1b4efd62710dd3c7772556a73dc4aaab4e12707db4c3022b9a2c
05b15b9380be5bd4111e848854bfd1ef98b52baae76eb0426f28ae604a1d9ccf
0eb80db5686a46fbff05324f66fc724628370c994b854292ce08fc572be30f84
108d1d501d86d83b0a53ceb3e68548aa3eaf5bd3ad873a18e418e05c6d8cc20f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1453273db2f91bf57fcdcaa2543b6b156836f7f293078ad2671fd15883059498
1acb58320a660fa8c651a61aa84acfd385b0cd0be1c27e774478977475d3be52
348144ef91f759d9e57ea42a782792fdd4f6ea60edbadf717b580b921a293988
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48f9146510aa8ad9146018d15d76a02b6df1f9afe4aebabe4d00b5d03f15a0f4
4ee471d4c389d1ed0e2d427ef0ed282323d81d930a30e26ad5358ac76398c55a
55cdf6ed42266a91ef60372bc0bb22166650950a475d0634b58dcc611f8c2797
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32
5829627535a23ecd89d818a4b6c7062dedecaae16702877bdf359ed992e9dec5
5b732a522be4e8d7246eb7b3b6502a9b37714573bba086f4771e51f577235e05
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fc23dde649c9e0bc33247a5ad56b5effce74200cb109590aef335fb0fb5a1c3
65d588acf9f28f794017d3871783991b3ff26ff8fd814e011f2261ccec5acfd1
6ac96c902ffde611f45bc463dc98201a283bab0d001856b8250644c0015d49aa
708c2842501b80fbbe909a3a56cb6c0eb0d688a9cb0ad49eacc684e8a97749a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8678773bb9d86b20fe04878d39f842598e74b85a467be6a0739ea0c74db78efa
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
98d93aebb9f36b59f681e57cf0e84f102fcd39ceab9c0f7c93f457f9ff4427c2
99306dcb7352777a519f45710985c25befca6709d69bd5db16a846814c140b2d
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f448ea412b0a9f68d380738f4093e333653365ec148973211f590bdebad522f
a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc
aaa6f143250909e7871f7e3bbd1fb3e33f5a12b2bdd434570f7ae8c7f2638190
abe76fa9203057f310284e662210a817cc642fc5e1e94dcc995d3e750359725b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
b542cd53e3af1271d6f73def8dd7c024447ccfa82d177f9e73138d97ec162588
b6111a8db7c513ab149725f432d388ff04a6729a64fb6f12fe3239418d08e589
bc915714243391970f804af3b196a3db1f93f2f07484da31c68bfd3d2ca57765
bcab2c337f9dd6cac7fb54123beb4f55e2d0a76f57cef17028bf07a37c18348e
bf962d4454782196e44e22e305684485271e82e07fa6dc763dede14b0e6358db
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80e1aa3fa612afee5083f2b71de17328e672175cfc2cfac8f5fe2a6711fe97b
ecc100f8cdfe27c5bb9e395d98226c3586e737c042282e6a3396203b7523316e
ecd8177a8492fa4527d411920f73ba0c1f2d020284e573cfb2a76c271337e3e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdc6efb47f2ecd0ecc31cad223528f7231b43b4268399a752e761c4a6b4c10bb