www.bukalapak.com
45.60.243.175

Go To Rescan
Add Verdict Report

Submitted URL:
https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.c...
Effective URL:
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Submission Tags: falconsandbox
Submission: On September 21 via api (September 21st 2022, 10:48:35 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 17 domains to perform 66 HTTP transactions. The main IP is 45.60.243.175, located in United States and belongs to INCAPSULA, US. The main domain is www.bukalapak.com. The Cisco Umbrella rank of the primary domain is 126672.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2021. Valid for: a year.

This is the only time www.bukalapak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	45.60.154.227 45.60.154.227	19551 (INCAPSULA) (INCAPSULA)
12	45.60.243.175 45.60.243.175	19551 (INCAPSULA) (INCAPSULA)
8	95.101.23.179 95.101.23.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:80c::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.23.97.122 2.23.97.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	23.48.23.25 23.48.23.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.189.101 13.224.189.101	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.28 13.225.78.28	16509 (AMAZON-02) (AMAZON-02)
1	3.15.76.72 3.15.76.72	16509 (AMAZON-02) (AMAZON-02)
1	2.18.79.132 2.18.79.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	35.190.124.112 35.190.124.112	15169 (GOOGLE) (GOOGLE)
5	20.212.159.244 20.212.159.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.83.173.21 99.83.173.21	16509 (AMAZON-02) (AMAZON-02)
1	35.71.187.5 35.71.187.5	16509 (AMAZON-02) (AMAZON-02)
66	23

3 45.60.154.227 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

glimpse.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.60.243.175 (United States)

ASN19551 (INCAPSULA, US)

www.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.23.179 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-179.deploy.static.akamaitechnologies.com

s0.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.97.122 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-122.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-25.deploy.static.akamaitechnologies.com

personalization.vidio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-101.fra2.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.15.76.72 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-76-72.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.132 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-132.deploy.static.akamaitechnologies.com

static-web.prod.vid.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.124.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.124.190.35.bc.googleusercontent.com

cdp.vidio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.212.159.244 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collectorsvc.apac.vesta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.173.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a64bed9ff5004f5b3.awsglobalaccelerator.com

tls-use1.fpapi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.187.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: a21127ed02ce71173.awsglobalaccelerator.com

metrics.apac.vesta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bukalapak.com 1 redirects glimpse.bukalapak.com — Cisco Umbrella Rank: 328935 www.bukalapak.com — Cisco Umbrella Rank: 126672 s0.bukalapak.com — Cisco Umbrella Rank: 143357 t.bukalapak.com — Cisco Umbrella Rank: 79128 api.bukalapak.com — Cisco Umbrella Rank: 56938	276 KB
7	vidio.com personalization.vidio.com — Cisco Umbrella Rank: 69003 cdp.vidio.com — Cisco Umbrella Rank: 72708	19 KB
6	vesta.io collectorsvc.apac.vesta.io — Cisco Umbrella Rank: 62256 metrics.apac.vesta.io — Cisco Umbrella Rank: 522164	145 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	491 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	218 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 966	71 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 10655 certify.alexametrics.com — Cisco Umbrella Rank: 6042	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	608 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	500 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2	850 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	166 KB
1	fpapi.io tls-use1.fpapi.io — Cisco Umbrella Rank: 37260	331 B
1	vid.id static-web.prod.vid.id — Cisco Umbrella Rank: 96791	5 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1613	430 B
66	17

	Domain	Requested by
9	www.bukalapak.com	www.bukalapak.com s0.bukalapak.com
8	s0.bukalapak.com	www.bukalapak.com s0.bukalapak.com
5	collectorsvc.apac.vesta.io	s0.bukalapak.com collectorsvc.apac.vesta.io
5	www.facebook.com	www.bukalapak.com connect.facebook.net
5	connect.facebook.net	www.googletagmanager.com connect.facebook.net collectorsvc.apac.vesta.io
4	cdp.vidio.com	static-web.prod.vid.id
4	analytics.tiktok.com	www.googletagmanager.com analytics.tiktok.com
3	personalization.vidio.com	www.bukalapak.com personalization.vidio.com
3	api.bukalapak.com	s0.bukalapak.com
2	www.google.de	www.bukalapak.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.bukalapak.com
2	unpkg.com	1 redirects www.bukalapak.com
2	t.bukalapak.com	s0.bukalapak.com
2	www.googletagmanager.com	www.bukalapak.com www.googletagmanager.com
1	metrics.apac.vesta.io	collectorsvc.apac.vesta.io
1	tls-use1.fpapi.io	collectorsvc.apac.vesta.io
1	static-web.prod.vid.id	personalization.vidio.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	certify-js.alexametrics.com	www.bukalapak.com
1	cdn.krxd.net	www.bukalapak.com
1	www.google.com	www.bukalapak.com
1	region1.analytics.google.com	www.googletagmanager.com
1	glimpse.bukalapak.com	1 redirects
66	25

This site contains no links.

Subject Issuer	Validity	Valid
*.bukalapak.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-05` - `2022-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
www.static6.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-12` - `2023-07-13`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2022-05-30` - `2023-06-27`	a year	crt.sh
certify.alexametrics.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-12` - `2023-10-11`	a year	crt.sh
vid.id DigiCert SHA2 Secure Server CA	`2022-02-16` - `2023-01-21`	a year	crt.sh
cdp.vidio.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
vsafe.apac.vesta.io Go Daddy Secure Certificate Authority - G2	`2022-01-31` - `2023-03-04`	a year	crt.sh
tls-use1.fpapi.io R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
metrics.apac.vesta.io Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Frame ID: 63BFA93C4AA7B473CA4DE38EB3F6DD5D
Requests: 54 HTTP requests in this frame

Frame: https://personalization.vidio.com/embed.html
Frame ID: 42D7BECAB621B52F3F84B3615DDD604A
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D3036B582BA2BEF94E47CC35A6295352
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%... HTTP 301
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk= Page URL

Detected technologies

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

66
Requests

98 %
HTTPS

39 %
IPv6

17
Domains

25
Subdomains

23
IPs

6
Countries

927 kB
Transfer

2733 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&o=U2hvcHBpbmcgRXhwZXJpZW5jZQ%3D%3D&p=0&subject=Penting%3A%2BKode%2BRahasia&tag=confirmation&template_id=0&type=ClickEmail&u=8r1c1n&user_email=siti.shara%40syngenta.com HTTP 301
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk= Show response
www.bukalapak.com/confirmation/
Redirect Chain

https://glimpse.bukalapak.com/redirect?idi=YzkyNTJjYzktNjA3Ni00MTI3LWI3NDUtOTdkZjY5OTY4ZWRj&link=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&o=U2hvcH...
https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

22 KB
9 KB

349ms
285ms

Document
text/html

45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6ac96c902ffde611f45bc463dc98201a283bab0d001856b8250644c0015d49aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 22:48:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend: westeros
x-cdn: Imperva
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-iinfo: 13-494418-230341 pNNN RT(1663800516389 12) q(0 0 0 2) r(2 2) U12
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 114
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 22:48:36 GMT
location: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
strict-transport-security: max-age=15724800; includeSubDomains
x-cdn: Imperva
x-iinfo: 7-5738158-5738161 nNNN RT(1663800515572 12) q(0 0 4 0) r(6 6) U11

GET
H2 200 ents-we-dested-their-had-tise-Cornesse-Exeunt-to Show response
www.bukalapak.com/ 156 KB
50 KB 22ms
22ms Script
text/javascript 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 9f448ea412b0a9f68d380738f4093e333653365ec148973211f590bdebad522f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
server: connector
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 13-494418-494474 NNNN CT(5 6 0) RT(1663800516389 301) q(0 0 1 -1) r(1 1) U2
cache-control: private, max-age=60
server-timing: bon, total;dur=0.16899499999999998
content-length: 50877
x-cdn: Imperva

GET
H2 200 bazaar@2.41.1.css
s0.bukalapak.com/ast/bazaar-dweb/base/ 124 KB
18 KB 136ms
18ms Stylesheet
text/css 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/ast/bazaar-dweb/base/bazaar@2.41.1.css
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ecc100f8cdfe27c5bb9e395d98226c3586e737c042282e6a3396203b7523316e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 11:32:06 GMT
etag: "17039df1c8efe5ce901637f79088211a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 18437
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 polyfills-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 129 KB
42 KB 118ms
33ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/polyfills-84753b0e71d2ce8a7070.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48f9146510aa8ad9146018d15d76a02b6df1f9afe4aebabe4d00b5d03f15a0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:39 GMT
etag: "02ff8d769decf2e460af21e1c8f49177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 42936
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 vnd-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 127 KB
45 KB 18ms
18ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55cdf6ed42266a91ef60372bc0bb22166650950a475d0634b58dcc611f8c2797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:41 GMT
etag: "19eea1b99a59069d59ddd08755538f85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 45830
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 summoner-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 60 KB
20 KB 24ms
23ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fc23dde649c9e0bc33247a5ad56b5effce74200cb109590aef335fb0fb5a1c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:39 GMT
etag: "5600a386d58d593d07109cae1cc275a9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 20270
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 app-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 135 KB
40 KB 24ms
23ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bcab2c337f9dd6cac7fb54123beb4f55e2d0a76f57cef17028bf07a37c18348e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:38 GMT
etag: "a0e958927e1b4ec36123de91d8a92b12"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 40391
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 vesta-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 6 KB
3 KB 33ms
32ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/vesta-84753b0e71d2ce8a7070.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65d588acf9f28f794017d3871783991b3ff26ff8fd814e011f2261ccec5acfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:41 GMT
etag: "0689a6432c184d46da6d439dac90989e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 2505
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 _Incapsula_Resource Show response
www.bukalapak.com/ 142 KB
20 KB 17ms
16ms Script
application/javascript 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bukalapak.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=523348992
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1453273db2f91bf57fcdcaa2543b6b156836f7f293078ad2671fd15883059498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20246
content-type: application/javascript

GET
H2 200 application-v2-84753b0e71d2ce8a7070.css
s0.bukalapak.com/marketplace/ 29 KB
21 KB 54ms
18ms Stylesheet
text/css 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/application-v2-84753b0e71d2ce8a7070.css
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ecd8177a8492fa4527d411920f73ba0c1f2d020284e573cfb2a76c271337e3e3

Request headers

Referer: https://www.bukalapak.com/
Origin: https://www.bukalapak.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:38 GMT
etag: "c789005c3a107a09e181368fa062fc7a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 21047
expires: Wed, 21 Sep 2022 23:48:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
93 KB 213ms
92ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THDD63

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc915714243391970f804af3b196a3db1f93f2f07484da31c68bfd3d2ca57765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94292
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 22:04:26 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 _Incapsula_Resource
www.bukalapak.com/ 1 B
35 B 7ms
7ms Image
text/plain 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bukalapak.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8844688597416475
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 200 track_external.json Show response
www.bukalapak.com/ 28 B
242 B 266ms
265ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bukalapak.com/track_external.json

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6111a8db7c513ab149725f432d388ff04a6729a64fb6f12fe3239418d08e589

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 13-494418-230341 pNYN RT(1663800516389 571) q(0 0 0 -1) r(3 3) U6
strict-transport-security: max-age=15724800; includeSubDomains
x-backend: siburung

POST
H2 200 track-external-visit Show response
www.bukalapak.com/ 62 B
228 B 286ms
286ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bukalapak.com/track-external-visit

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vnd-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

108d1d501d86d83b0a53ceb3e68548aa3eaf5bd3ad873a18e418e05c6d8cc20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-iinfo: 13-494418-244779 pNYN RT(1663800516389 582) q(0 0 0 -1) r(3 3) U6
strict-transport-security: max-age=15724800; includeSubDomains
x-backend: siburung

POST
H2 200 westeros_auth_proxies Show response
www.bukalapak.com/ 210 B
584 B 307ms
306ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bukalapak.com/westeros_auth_proxies

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-backend: westeros
date: Wed, 21 Sep 2022 22:48:37 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-494418-274584 pNYN RT(1663800516389 587) q(0 0 0 -1) r(3 3) U6
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn: Imperva

POST
H2 200 e Show response
t.bukalapak.com/ 2 B
428 B 209ms
208ms Fetch
text/plain 45.60.154.227
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://t.bukalapak.com/e

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.227 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
Env: production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bukalapak.com
x-iinfo: 14-17067966-17067766 PNYN RT(1663800516881 217) q(0 1 1 1) r(2 2) U6
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 e
t.bukalapak.com/ Frame 0
0 290ms
205ms Preflight 45.60.154.227
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://t.bukalapak.com/e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.154.227 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: env
Access-Control-Request-Method: POST
Origin: https://www.bukalapak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Env
access-control-allow-methods: POST
access-control-allow-origin: https://www.bukalapak.com
access-control-max-age: 300
content-length: 0
date: Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cdn: Imperva
x-iinfo: 14-17067966-17067766 PNNN RT(1663800516881 11) q(0 0 0 1) r(2 2) U6

GET
H2 200 svc-desktop-services-snackbar-index-84753b0e71d2ce8a7070.js Show response
s0.bukalapak.com/marketplace/ 10 KB
3 KB 18ms
18ms Script
application/javascript 95.101.23.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.bukalapak.com/marketplace/svc-desktop-services-snackbar-index-84753b0e71d2ce8a7070.js
Requested by: Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/app-84753b0e71d2ce8a7070.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.179 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 708c2842501b80fbbe909a3a56cb6c0eb0d688a9cb0ad49eacc684e8a97749a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 08:00:40 GMT
etag: "65dd7e5f548bf4e32b352e589b9cbf9a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3183
expires: Wed, 21 Sep 2022 23:48:37 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.0.2/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

7 KB
3 KB

22ms
21ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 577570
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1a22-hgiiFG7C7LJYmxvR7SzubSsy+G8"
fly-request-id: 01GCZX07Q7Q78Z7M2AKK5H4X3P-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74e65970ecd39180-FRA

Redirect headers

date: Wed, 21 Sep 2022 22:48:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GDH3DR3AJ6PFCZW2T8EPDHJ5-fra
server: cloudflare
age: 408
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@3.0.2/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74e65970bc9e9180-FRA
access-control-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 83ms
79ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc6efb47f2ecd0ecc31cad223528f7231b43b4268399a752e761c4a6b4c10bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74676
x-xss-protection: 0
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 127 KB
38 KB 317ms
193ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8678773bb9d86b20fe04878d39f842598e74b85a467be6a0739ea0c74db78efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 42ed6735.4036205d
date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-222-0-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 165,2.23.97.118
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=15, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220921224837897F86A556B6EE4ABA8F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.222.0.196
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3a7a6edb35599b5a2d38bec009a1ceeb76c4b79d399c407743af1e405c989d3dfa1d9a30383124dab7e3fd09404242097233a28a40f5e8ce3c7039cfa77509ac6e
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6397
date: Wed, 21 Sep 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 23:02:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 70ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THDD63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: X4FK4c9YEscgTUfYhDtNk4m4WQgOjRlM7nyx5l+L8uqLXKU743yeoUJ5xf4pfkDYAHSRhR0jmNopnpdipDEowA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 ents-we-dested-their-had-tise-Cornesse-Exeunt-to Show response
www.bukalapak.com/ 585 B
741 B 50ms
49ms Fetch
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to?d=www.bukalapak.com
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/ents-we-dested-their-had-tise-Cornesse-Exeunt-to
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: aaa6f143250909e7871f7e3bbd1fb3e33f5a12b2bdd434570f7ae8c7f2638190

Request headers

Accept: application/json; charset=utf-8
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
server: connector
content-type: application/json
access-control-allow-origin: *
x-iinfo: 13-494418-494474 PNYN RT(1663800516389 834) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=38.961244
x-cdn: Imperva

POST
H2 200 toggles Show response
api.bukalapak.com/_exclusive/neo/ 107 B
660 B 208ms
207ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bukalapak.com/_exclusive/neo/toggles?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

348144ef91f759d9e57ea42a782792fdd4f6ea60edbadf717b580b921a293988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-route-pattern: /_exclusive/neo/toggles
x-iinfo: 14-566951-477617 pNYN RT(1663800517318 214) q(0 0 0 2) r(2 2) U5
vary: Origin
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bukalapak.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: 0

OPTIONS
H2 200 toggles
api.bukalapak.com/_exclusive/neo/ Frame 0
0 246ms
199ms Preflight 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bukalapak.com/_exclusive/neo/toggles?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bukalapak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bukalapak.com
access-control-max-age: 86400
content-length: 0
date: Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cdn: Imperva
x-iinfo: 14-566951-477617 pNNN RT(1663800517318 13) q(0 0 0 0) r(2 2) U5

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 38ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: ZEe2xwBlM6gexiaAF6gffhMXpfGbAVnkaXDLGyt+lafn6tI7tlK/Vt32P+BfUWk2dVnwdVrOBt9H0fBwB6d9iA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 410856109079318 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 64ms
44ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410856109079318?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99306dcb7352777a519f45710985c25befca6709d69bd5db16a846814c140b2d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86060
x-xss-protection: 0
pragma: public
x-fb-debug: SLRyfWDdyAh/LqMxUdWMlM18eOHqEDG6N8lMx9+SpAQ6QuLriZSt8G+aa5DOjA/2+/sQhNuS6+qnvrPAiRizRQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 22:48:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
349 B 109ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R2T40V5QM5&gtm=2oe9j0&_p=1812571398&_gaz=1&cid=1156350718.1663800517&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663800517&sct=1&seg=0&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&dt=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 22:48:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bukalapak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 61ms
19ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R2T40V5QM5&cid=1156350718.1663800517&gtm=2oe9j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2T40V5QM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 22:48:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bukalapak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 193ms
76ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R2T40V5QM5&cid=1156350718.1663800517&gtm=2oe9j0&aip=1&z=2052692901

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 25ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&gjid=2059597594&_gid=12419507.1663800517&_u=YCDAgEABAAAAAE~&z=1079917706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Sep 2022 22:48:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.bukalapak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 121ms
42ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1812571398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&ul=en-us&de=UTF-8&dt=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=2147039513&gjid=2059597594&cid=1156350718.1663800517&tid=UA-12425854-1&_gid=12419507.1663800517&gtm=2wg9j0THDD63&cd2=Guest&z=25122954

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 19:18:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12602
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 70ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410856109079318&ev=PageView&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&rl=&if=false&ts=1663800517401&sw=1600&sh=1200&ud[cn]=a56145270ce6b3bebd1dd012b73948677dd618d496488bc608a3cb43ce3547dd&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1663800517400.74702036&it=1663800517300&coo=false&tm=1&rqm=GET

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 190ms
72ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&_u=YCDAgEABAAAAAE~&z=644701754

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 128ms
72ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12425854-1&cid=1156350718.1663800517&jid=2147039513&_u=YCDAgEABAAAAAE~&z=644701754

Requested by

Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 22:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 130ms
130ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 42ed6c19.40362189
date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-222-0-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 103,2.23.97.118
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=6, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20220921224837897F86A556B6EE4ABAA7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.222.0.196
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3a7a6edb35599b5a2d38bec009a1ceeb76c4b79d399c407743af1e405c989d3dfa97b24aabfe0232d2d4348532bd406b2e7aa36ce81daa090d06b13411ace69441
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 867 B
1 KB 131ms
131ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7EMQ24RNSL79GUTC4B0&hostname=www.bukalapak.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05b15b9380be5bd4111e848854bfd1ef98b52baae76eb0426f28ae604a1d9ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 11dc8a0d.403621cb
date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-36-66-38.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 103,2.23.97.118
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=5, inner; dur=3
content-length: 349
pragma: no-cache
server: nginx
x-tt-logid: 202209212248379972B86144E27F4DFDE7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.36.66.38
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3afa56961b8f4d989dcd9a040de4d0b812dfc31c3877c4846f32140032d901ee50b86a5d15e584d0ad40bb5149c73e111ea3cd96589338c68fc2e71293a4d2f736
expires: Wed, 21 Sep 2022 22:48:37 GMT

POST
H2 200 westeros_auth_proxies Show response
www.bukalapak.com/ 210 B
475 B 307ms
307ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bukalapak.com/westeros_auth_proxies

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-backend: westeros
date: Wed, 21 Sep 2022 22:48:37 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-494418-274584 pNYN RT(1663800516389 1352) q(0 0 0 -1) r(3 3) U6
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
vary: Accept-Encoding
x-cdn: Imperva

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
685 B 160ms
159ms Ping
application/octet-stream 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7EMQ24RNSL79GUTC4B0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cce9aa8c.403622a1
date: Wed, 21 Sep 2022 22:48:37 GMT
x-cache-remote: TCP_MISS from a23-222-0-201.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 123,2.23.97.118
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=18, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220921224837647F8106BA360D3DD751
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.222.0.201
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3aeb061680a8641d677d08a4eefb9a6b9de9e40f57118642f04d0b85119934c73776689f443411883ad4bd98d8af36d267607c095bb60c52240b54ed5df2165a34
expires: Wed, 21 Sep 2022 22:48:37 GMT

GET
H2 200 tgpnc5f66.js Show response
cdn.krxd.net/controltag/ 2 B
430 B 53ms
7ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tgpnc5f66.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 21 Sep 2022 22:48:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 603
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000162-IAD, cache-hhn4052-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1663800518.804558,VS0,VE1
etag: "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 embed.html Show response
personalization.vidio.com/ Frame 42D7 1 KB
998 B 127ms
8ms Document
text/html 23.48.23.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://personalization.vidio.com/embed.html
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-25.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bf962d4454782196e44e22e305684485271e82e07fa6dc763dede14b0e6358db

Request headers

Referer: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 598
content-type: text/html
date: Wed, 21 Sep 2022 22:48:37 GMT
etag: "bf09eeb2fb34d7151ed49bf8a4dae7d1"
last-modified: Mon, 07 Mar 2022 09:28:14 GMT
server: UploadServer
unused62: 8096267
vary: Accept-Encoding
x-goog-hash: crc32c=fTHzvw== md5=vwnusvs01xUe1Jv4pNrn0Q==
x-guploader-uploadid: ADPycdvgacihFML2KfiXVIN3B2yBcqC4xOmOh7GEwY3IYQ9rbDE9OIz5BhfPxu_TaE4-hWBbw4TPjWD8WXJjcYzv8BU

GET
H2 200 embed.js Show response
personalization.vidio.com/ 28 KB
11 KB 130ms
9ms Script
application/javascript 23.48.23.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://personalization.vidio.com/embed.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-25.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 001019d8761f1b4efd62710dd3c7772556a73dc4aaab4e12707db4c3022b9a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvFrGPsGcwV9jP9gB0IVDXpGw5sN2aFEWPgx_rJeg-3o-d0JnQD_R2y9fDjSES2Fkl8MKZtruE1gj8ZYBJJX1U
x-goog-hash: crc32c=YeMUWQ==, md5=C8ZHz56alkvUyh7+dDqaxw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 10552
last-modified: Mon, 07 Mar 2022 09:28:12 GMT
server: UploadServer
etag: "0bc647cf9e9a964bd4ca1efe743a9ac7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 40ms
8ms Script
application/javascript 13.224.189.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.bukalapak.com
URL: https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 9305038
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: nOxenwVg78ferD0rKtGMJflze30Zh2ZAmhJbyfbfdSl1aV81FTdKuw==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 48ms
7ms Image
image/gif 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Situs%20Belanja%20Online%20dan%20Jual%20Beli%20Mudah%20Terpercaya%20%7C%20Bukalapak&time=1663800517806&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&random_number=18406388328&sess_cookie=68629dc4183623d24ad7f68fdf0&sess_cookie_flag=1&user_cookie=68629dc4183623d24ad7f68fdf0&user_cookie_flag=1&dynamic=true&domain=bukalapak.com&account=4Fkbi1aoZM00Ua&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 02:09:43 GMT
Via: 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 74335
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: HxgEOx26689TBJtWjDpIFqbPFIcBWjgRiVUiXbFgtSQ2UE05QCOyDg==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 476ms
110ms Image
text/plain 3.15.76.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.76.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-76-72.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:38 GMT
server: Server

GET
H2 200 ahoy-falcon-2022-01-13-02-35-43.js Show response
static-web.prod.vid.id/ahoy/ Frame 42D7 15 KB
5 KB 135ms
18ms Script
application/javascript 2.18.79.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Requested by: Host: personalization.vidio.com
URL: https://personalization.vidio.com/embed.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.132 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-132.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32

Request headers

Referer: https://personalization.vidio.com/
Origin: https://personalization.vidio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:38 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 08:20:30 GMT
server: UploadServer
etag: "c805d2d1d4987fcfda26b9bfd5956759"
vary: Accept-Encoding
x-goog-hash: crc32c=q/fApw==, md5=yAXS0dSYf8/aJrm/1ZVnWQ==
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-transform, max-age=31453341
access-control-allow-methods: GET,POST
accept-ranges: bytes
x-guploader-uploadid: ADPycdsVHQUTYtvHk8GQV-lTmbSkcJgr6fpsCr0Y5UIu5w4jr2s2jEP1LR-PCkLxYtFfiQ9IsFM0QEl-Z0cySm4DkYo
content-length: 4447

GET
H2 200 embed-internal.e8fa0db3036d99f15525.js Show response
personalization.vidio.com/ Frame 42D7 18 KB
7 KB 8ms
8ms Script
application/javascript 23.48.23.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://personalization.vidio.com/embed-internal.e8fa0db3036d99f15525.js
Requested by: Host: personalization.vidio.com
URL: https://personalization.vidio.com/embed.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-25.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 98d93aebb9f36b59f681e57cf0e84f102fcd39ceab9c0f7c93f457f9ff4427c2

Request headers

Referer: https://personalization.vidio.com/embed.html
Origin: https://personalization.vidio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 21 Sep 2022 22:48:37 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdseN2Hl_oT59xtnRVnJ4VDv2f6Gias2gndZaAV0jOmcAaCXHKcz124joRMJWtAxvS6auJ5_kqk93i5yvgncbDc
x-goog-hash: crc32c=5OLK/g==, md5=nZyKBt91RyK3EOVPHmVZ+Q==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7046
last-modified: Mon, 07 Mar 2022 09:28:11 GMT
server: UploadServer
etag: "9d9c8a06df754722b710e54f1e6559f9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D303 0
18 B 41ms
18ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.bukalapak.com
Referer: https://www.bukalapak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bukalapak.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 22:48:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 visits
cdp.vidio.com/ahoy/ Frame 0
0 389ms
326ms Preflight
text/plain 35.190.124.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.124.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://personalization.vidio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://personalization.vidio.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 22:48:38 GMT
server: nginx
server-node: emtek-cdp-vertx-prod-zq6n
via: 1.1 google

POST
H3 200 visits Show response
cdp.vidio.com/ahoy/ Frame 42D7 0
12 B 359ms
329ms XHR
text/plain 35.190.124.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Requested by: Host: static-web.prod.vid.id
URL: https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.124.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://personalization.vidio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://personalization.vidio.com
date: Wed, 21 Sep 2022 22:48:38 GMT
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
server-node: emtek-cdp-vertx-prod-zgfq

GET
H2 200 fds-sessions Show response
api.bukalapak.com/_exclusive/payments/credit-cards/ 91 B
579 B 264ms
264ms XHR
application/json 45.60.243.175
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bukalapak.com/_exclusive/payments/credit-cards/fds-sessions?access_token=J1S0mvw8ZqNrn8kKWwSiRKiH9lrDRbcl3mKnrX9PFTgmog

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/summoner-84753b0e71d2ce8a7070.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.175 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0eb80db5686a46fbff05324f66fc724628370c994b854292ce08fc572be30f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-route-pattern: /_exclusive/payments/credit-cards/fds-sessions
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.bukalapak.com
x-iinfo: 14-566951-477617 pNYN RT(1663800517318 732) q(0 0 0 -1) r(3 3) U5
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 29b693be15276d64305bd58e24b15f9d

GET
H/1.1 200 vdccs.js Show response
collectorsvc.apac.vesta.io/DCCSProxy/Service/ 142 KB
143 KB 1096ms
351ms Script
text/javascript 20.212.159.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Requested by

Host: s0.bukalapak.com
URL: https://s0.bukalapak.com/marketplace/vesta-84753b0e71d2ce8a7070.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b732a522be4e8d7246eb7b3b6502a9b37714573bba086f4771e51f577235e05

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 22:48:39 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Methods: GET, POST
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, X-Custom-Header
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H/1.1 200 InsertUserData
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ Frame 0
0 487ms
164ms Preflight 20.212.159.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertUserData

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bukalapak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, X-Custom-Header
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Date: Wed, 21 Sep 2022 22:48:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b542cd53e3af1271d6f73def8dd7c024447ccfa82d177f9e73138d97ec162588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LzgpDVB32AwGrzwpoLen0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: K/XhwJRzoqoIMxBiWfkDuIy+xGdkJQPy0xlOM7MeugILGxzr7m/NFTOEoCOrW32RtloqS+JP8zd3lupWeEhkmQ==
x-fb-content-md5: d02a16e8e6c2db9ee5c93944ae1f957e
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 22:48:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ea1399ed13fa5fdfb82c90aa9a71d04b"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 23:06:34 GMT

POST
H/1.1 200 InsertUserData Show response
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ 20 B
627 B 168ms
168ms XHR
application/json 20.212.159.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertUserData

Requested by

Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1acb58320a660fa8c651a61aa84acfd385b0cd0be1c27e774478977475d3be52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 21 Sep 2022 22:48:40 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Security-Policy: default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Headers: Content-Type, X-Custom-Header
Content-Length: 20
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
tls-use1.fpapi.io/ 204 B
331 B 310ms
98ms XHR
text/plain 99.83.173.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tls-use1.fpapi.io/

Requested by

Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.173.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a64bed9ff5004f5b3.awsglobalaccelerator.com

Software

Resource Hash

4ee471d4c389d1ed0e2d427ef0ed282323d81d930a30e26ad5358ac76398c55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Wed, 21 Sep 2022 22:48:40 GMT
content-length: 204
content-type: text/plain; charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 38ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d1c65fab129966702ab7e5a2f499882d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5829627535a23ecd89d818a4b6c7062dedecaae16702877bdf359ed992e9dec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bukalapak.com/
Origin: https://www.bukalapak.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MGqgFFLQEpvtDsHju8Oz9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87333
x-fb-rlafr: 0
x-fb-debug: bNGYD8ORf4d+26mbJ7JP9l3T+Qk3aLKB7eaXZ/+rnC9cNGsrdo4/jdglZFS/2ClmQMxgpYD/kZ6Z6zH9GwiJnw==
x-fb-content-md5: 2e98c6cd19769d22c628eacf5f34ea5b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 22:48:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8683960670f9111b8b2b981a92f713e3"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Sep 2023 22:06:43 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 51ms
51ms Fetch
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=941008879243673&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d1c65fab129966702ab7e5a2f499882d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 2vjpL6o5klUwvT8j/3a9IyCf2jEozi23OJ17NUIFnGUt5ifRQuAD70uTS7VZxyikXMeT00fCxfMNtEvioEy06g==
fb-s: unknown
date: Wed, 21 Sep 2022 22:48:39 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bukalapak.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941008879243673&ev=fb_page_view&dl=https%3A%2F%2Fwww.bukalapak.com%2Fconfirmation%2Fc2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk%3D&rl=&if=false&ts=1663800519969&sw=1600&sh=1200&at=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 21 Sep 2022 22:48:39 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bukalapak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 22:48:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 21 Sep 2022 22:48:39 GMT

POST
H2 200 / Show response
metrics.apac.vesta.io/ 356 B
858 B 763ms
254ms XHR
text/plain 35.71.187.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.apac.vesta.io/?ci=js/3.5.6

Requested by

Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.187.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a21127ed02ce71173.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e80e1aa3fa612afee5083f2b71de17328e672175cfc2cfac8f5fe2a6711fe97b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
server: nginx
date: Wed, 21 Sep 2022 22:48:41 GMT
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://www.bukalapak.com
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
vary: Origin
content-length: 356
x-content-type-options: nosniff

POST
H3 200 events Show response
cdp.vidio.com/ Frame 42D7 0
12 B 367ms
367ms XHR
text/plain 35.190.124.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Requested by: Host: static-web.prod.vid.id
URL: https://static-web.prod.vid.id/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.124.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://personalization.vidio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://personalization.vidio.com
date: Wed, 21 Sep 2022 22:48:41 GMT
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
server-node: emtek-cdp-vertx-prod-zq6n

OPTIONS
H3 200 events
cdp.vidio.com/ Frame 0
0 335ms
334ms Preflight
text/plain 35.190.124.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.124.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.124.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://personalization.vidio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://personalization.vidio.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 22:48:41 GMT
server: nginx
server-node: emtek-cdp-vertx-prod-zq6n
via: 1.1 google

POST
H/1.1 200 InsertFingerprintPro Show response
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ 45 B
652 B 251ms
251ms XHR
application/json 20.212.159.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertFingerprintPro

Requested by

Host: collectorsvc.apac.vesta.io
URL: https://collectorsvc.apac.vesta.io/DCCSProxy/Service/vdccs.js?AccountName=bukalapak&WebSessionID=121_2033198143

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abe76fa9203057f310284e662210a817cc642fc5e1e94dcc995d3e750359725b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bukalapak.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 21 Sep 2022 22:48:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Security-Policy: default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Headers: Content-Type, X-Custom-Header
Content-Length: 45
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 InsertFingerprintPro
collectorsvc.apac.vesta.io/DataCollectorProxy/Service/ Frame 0
0 165ms
164ms Preflight 20.212.159.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://collectorsvc.apac.vesta.io:8443/DataCollectorProxy/Service/InsertFingerprintPro

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.212.159.244 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bukalapak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, X-Custom-Header
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'none'; font-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'
Date: Wed, 21 Sep 2022 22:48:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bukalapak.com/confirmation	1969-12-31 23:59:59	Name: logLevel Value: 0
www.bukalapak.com/confirmation	1969-12-31 23:59:59	Name: vstreamID Value: 121_2033198143
.bukalapak.com/	1970-01-20 14:55:35	Name: visid_incap_2719319 Value: eGd+4LlMSk2oyr5YHQdFNcOUK2MAAAAAQUIPAAAAAACga0cXvWix6xpQ8oLlZgo0
.bukalapak.com/	1969-12-31 23:59:59	Name: incap_ses_273_2719319 Value: JUUqfY4coFEqCONRyuTJA8SUK2MAAAAAjrO3uNo+SplmBJq+Ugho+Q==
www.bukalapak.com/	1969-12-31 23:59:59	Name: browser_id Value: 1bd6735f445bda6be1e65ec74f677cff
.bukalapak.com/	1970-01-20 15:46:00	Name: identity Value: c47a0cba7ff96076dd5d72394db7768c
.bukalapak.com/	1970-01-20 15:46:00	Name: browser_id Value: 39d8556afefee2628bb1ffeb5c2c9256
.bukalapak.com/	1969-12-31 23:59:59	Name: session_id Value: 376b2cc6a4e2bb3f07bd8422ab508c9a
.bukalapak.com/	1969-12-31 23:59:59	Name: nlbi_2720203 Value: FfifAbVRESx1fVm2aKZlFQAAAABHAq7ntn30oE894sTu6osQ
.bukalapak.com/	1970-01-20 14:55:34	Name: visid_incap_2720203 Value: FKO6/Z97Tbm76ckHemPGccSUK2MAAAAAQUIPAAAAAAC5ZZUYppRG/BJTn9MXP20o
.bukalapak.com/	1969-12-31 23:59:59	Name: incap_ses_7228_2720203 Value: gpHVWDjDalsmUDQLOQRPZMSUK2MAAAAAFhkn+F9HAjdUFyUllIxyng==
.bukalapak.com/	1970-01-20 06:10:02	Name: external_visit_tracker_marketplace Value: {%22referrer%22:%22%22%2C%22url%22:%22https://www.bukalapak.com/confirmation/c2l0aS5zaGFyYUBzeW5nZW50YS5jb206NjYzMzk=%22%2C%22max_ages%22:%222022-09-21T23:18:36.970Z%22}
.bukalapak.com/	1969-12-31 23:59:59	Name: nlbi_2720203_2147483392 Value: NK7cDHu6rR/h20AGaKZlFQAAAABRFA8/gA9NDIPhCXmVvtHn
.www.bukalapak.com/	1970-01-20 06:53:12	Name: reese84 Value: 3:qQs7NNSc+F2fKkn3dgw1uQ==:5QctgtPAlTB9/yXs3nuWW0T19mlxFfIP7p9+dnQ19DiCMaqS4jYI6Eud0rEPM7RgcfR155GDsboPeOEBq/i+S5BQ4CT4CLWmxu2TewbHOE4OTEypZ4AHCm/L+JENo67wmtkJbMosRLKqnRz/ng/bk+5T6hH7DwfxZlJ74Rdj0BjIqITTDdOFh7Z9To8kGwR1iIixZCxQlaXtW1r2fmsi393e0jwukKgg+KcwBOY3bbYjC7PrbphwE5AvgbfTBNIVMx1t8OEvtbU2FczMmEsO5fXzRYagQDk79P+qPbB7s1PCVy+aK1CzzfNkyfj/+RKW8FvLs58/KTc+hA0fUfmzu/69sJpP+bK80pGafuOn2qpzlfuX5oQeG5JFfkrqg0qmX5fd0kgfcLcQZ6Wbgo8V7YepIG0QX4rKp/tz52gUwbLDIKb51p2KSzJYgfTsztT/:xqtgbVDv97Syd9CcKMYDybEfAzltLlAmf8C8ah1LVh8=
.bukalapak.com/	1970-01-20 15:46:00	Name: _ga_R2T40V5QM5 Value: GS1.1.1663800517.1.0.1663800517.60.0.0
.bukalapak.com/	1970-01-20 15:46:00	Name: _ga Value: GA1.2.1156350718.1663800517
.bukalapak.com/	1970-01-20 06:11:26	Name: _gid Value: GA1.2.12419507.1663800517
.bukalapak.com/	1970-01-20 06:10:00	Name: _dc_gtm_UA-12425854-1 Value: 1
.bukalapak.com/	1970-01-20 08:19:36	Name: _fbp Value: fb.1.1663800517400.74702036
.tiktok.com/	1970-01-20 15:31:36	Name: _ttp Value: 2F6788YGGEyaH6XUuAhS5ztVP32
.bukalapak.com/	1970-01-20 15:31:36	Name: _tt_enable_cookie Value: 1
.bukalapak.com/	1970-01-20 15:31:36	Name: _ttp Value: b1be062e-a95d-4e8b-a36f-5fecb469137a
.bukalapak.com/	1970-01-20 08:19:36	Name: _gcl_au Value: 1.1.636475229.1663800518
.bukalapak.com/	1970-01-20 06:10:02	Name: __asc Value: 68629dc4183623d24ad7f68fdf0
.bukalapak.com/	1970-01-20 14:57:02	Name: __auc Value: 68629dc4183623d24ad7f68fdf0
.vidio.com/	1970-01-20 15:46:00	Name: ahoy_visitor Value: 2b9b27f2-c15e-42dd-a4bd-524bd2d3d756
.vidio.com/	1970-01-20 06:10:02	Name: ahoy_visit Value: 1c1a2bc0-3488-447b-b05f-af4c177700ef
.bukalapak.com/	1969-12-31 23:59:59	Name: lskjfewjrh34ghj23brjh234 Value: NVJnU2g0dUhTRld6SGY2Y0s1dVJZY3NHVytWSnB0Nmhhb1RKRS82MGR2TFQwYzNBc1V1U3UvcERJZmtOZmVQc2ZnakJQRnkxTXJsNVZPd1V3Z082cnc9PS0teFlQVWFyckhyMVErZGhNd3p5ZEZaQT09--6501906036a61292526595323873ffa20c030b10
.vesta.io/	1970-01-20 14:55:36	Name: _iidt Value: NJmllm9ZnLrX8C9oOtkQ7sGeFdAdRx6DcAwXqbvt6Ae4pX9HxqnYigWtMthbOA3L6j8x/z8kcI2T8Mc2SuOlulYRrm0we9U=
.bukalapak.com/	1970-01-20 14:55:36	Name: _vid_t Value: jzNgjFd7u6JzGoB6oaGm9gbelQrUnjJ2ZpDKKMJytuVrTToobsk5n/gWNnEaJAMxvOdS/G7WDLkAjXQQyqe9fI3akM8NYAc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.bukalapak.com
cdn.krxd.net
cdp.vidio.com
certify-js.alexametrics.com
certify.alexametrics.com
collectorsvc.apac.vesta.io
connect.facebook.net
glimpse.bukalapak.com
metrics.apac.vesta.io
personalization.vidio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
s0.bukalapak.com
static-web.prod.vid.id
stats.g.doubleclick.net
t.bukalapak.com
tls-use1.fpapi.io
unpkg.com
www.bukalapak.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.189.101
13.225.78.28
151.101.194.133
2.18.79.132
2.23.97.122
20.212.159.244
2001:4860:4802:34::36
23.48.23.25
2606:4700::6810:7aaf
2a00:1450:4001:813::200e
2a00:1450:400c:c06::9d
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2008
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.15.76.72
35.190.124.112
35.71.187.5
45.60.154.227
45.60.243.175
95.101.23.179
99.83.173.21
001019d8761f1b4efd62710dd3c7772556a73dc4aaab4e12707db4c3022b9a2c
05b15b9380be5bd4111e848854bfd1ef98b52baae76eb0426f28ae604a1d9ccf
0eb80db5686a46fbff05324f66fc724628370c994b854292ce08fc572be30f84
108d1d501d86d83b0a53ceb3e68548aa3eaf5bd3ad873a18e418e05c6d8cc20f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1453273db2f91bf57fcdcaa2543b6b156836f7f293078ad2671fd15883059498
1acb58320a660fa8c651a61aa84acfd385b0cd0be1c27e774478977475d3be52
348144ef91f759d9e57ea42a782792fdd4f6ea60edbadf717b580b921a293988
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48f9146510aa8ad9146018d15d76a02b6df1f9afe4aebabe4d00b5d03f15a0f4
4ee471d4c389d1ed0e2d427ef0ed282323d81d930a30e26ad5358ac76398c55a
55cdf6ed42266a91ef60372bc0bb22166650950a475d0634b58dcc611f8c2797
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32
5829627535a23ecd89d818a4b6c7062dedecaae16702877bdf359ed992e9dec5
5b732a522be4e8d7246eb7b3b6502a9b37714573bba086f4771e51f577235e05
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fc23dde649c9e0bc33247a5ad56b5effce74200cb109590aef335fb0fb5a1c3
65d588acf9f28f794017d3871783991b3ff26ff8fd814e011f2261ccec5acfd1
6ac96c902ffde611f45bc463dc98201a283bab0d001856b8250644c0015d49aa
708c2842501b80fbbe909a3a56cb6c0eb0d688a9cb0ad49eacc684e8a97749a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8678773bb9d86b20fe04878d39f842598e74b85a467be6a0739ea0c74db78efa
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
98d93aebb9f36b59f681e57cf0e84f102fcd39ceab9c0f7c93f457f9ff4427c2
99306dcb7352777a519f45710985c25befca6709d69bd5db16a846814c140b2d
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f448ea412b0a9f68d380738f4093e333653365ec148973211f590bdebad522f
a94c677c675af1374c09dfd2674586a2528550fb5abcbb08a8cb46acb063bccc
aaa6f143250909e7871f7e3bbd1fb3e33f5a12b2bdd434570f7ae8c7f2638190
abe76fa9203057f310284e662210a817cc642fc5e1e94dcc995d3e750359725b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
b542cd53e3af1271d6f73def8dd7c024447ccfa82d177f9e73138d97ec162588
b6111a8db7c513ab149725f432d388ff04a6729a64fb6f12fe3239418d08e589
bc915714243391970f804af3b196a3db1f93f2f07484da31c68bfd3d2ca57765
bcab2c337f9dd6cac7fb54123beb4f55e2d0a76f57cef17028bf07a37c18348e
bf962d4454782196e44e22e305684485271e82e07fa6dc763dede14b0e6358db
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80e1aa3fa612afee5083f2b71de17328e672175cfc2cfac8f5fe2a6711fe97b
ecc100f8cdfe27c5bb9e395d98226c3586e737c042282e6a3396203b7523316e
ecd8177a8492fa4527d411920f73ba0c1f2d020284e573cfb2a76c271337e3e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdc6efb47f2ecd0ecc31cad223528f7231b43b4268399a752e761c4a6b4c10bb

www.bukalapak.com Open in urlscan Pro 45.60.243.175

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

39 %IPv6

17 Domains

25 Subdomains

23 IPs

6 Countries

927 kBTransfer

2733 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bukalapak.com
45.60.243.175

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

39 %
IPv6

17
Domains

25
Subdomains

23
IPs

6
Countries

927 kB
Transfer

2733 kB
Size

30
Cookies

66 HTTP transactions
0 data transactions