www.babla.co.id Open in urlscan Pro
2606:4700:20::681a:809 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Submission: On April 10 via manual (April 10th 2022, 6:07:33 pm UTC) from ID — Scanned from DE

Summary HTTP 307 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 85 IPs in 10 countries across 66 domains to perform 307 HTTP transactions. The main IP is 2606:4700:20::681a:809, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.babla.co.id. The Cisco Umbrella rank of the primary domain is 239759.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.

This is the only time www.babla.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:20:... 2606:4700:20::681a:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::ac43:4950	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	52.218.45.120 52.218.45.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
11	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
2	52.29.60.125 52.29.60.125	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:c000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:402... 2607:f8b0:4023:c0b::78	15169 (GOOGLE) (GOOGLE)
1	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:18::8	15169 (GOOGLE) (GOOGLE)
2 8	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6 12	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4 15	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	184.30.209.152 184.30.209.152	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.35.228.201 23.35.228.201	16625 (AKAMAI-AS) (AKAMAI-AS)
7 17	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	2a05:d018:d29... 2a05:d018:d29:3602:79ce:4a08:37f6:a715	16509 (AMAZON-02) (AMAZON-02)
2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 11	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
2 2	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
15	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
3 5	54.77.12.91 54.77.12.91	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	72.251.245.179 72.251.245.179	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.122.208.3 3.122.208.3	16509 (AMAZON-02) (AMAZON-02)
1 1	52.200.205.250 52.200.205.250	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.93 85.114.159.93	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1 1	23.88.75.186 23.88.75.186	() ()
1 1	54.81.207.173 54.81.207.173	() ()
2 2	35.201.96.126 35.201.96.126	() ()
1	104.36.113.68 104.36.113.68	() ()
1 2	77.243.60.138 77.243.60.138	() ()
1 2	18.215.193.43 18.215.193.43	() ()
1 1	18.156.0.31 18.156.0.31	() ()
1 1	159.65.197.210 159.65.197.210	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
307	85

5 2606:4700:20::681a:809 (United States)

ASN13335 (CLOUDFLARENET, US)

www.babla.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4950 (United States)

ASN13335 (CLOUDFLARENET, US)

static.bab.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.218.45.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.52 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.60.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-60-125.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

idm-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:c0b::78 (Las Vegas, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:18::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5edndl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.248.245.213 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.35.228.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.209.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-209-152.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.228.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:79ce:4a08:37f6:a715 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.46.154.242 (Ashburn, United States) 6 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (Leesburg, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (Monrovia, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.77.12.91 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-12-91.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.208.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-208-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.205.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-205-250.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.186 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.207.173 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (None, ) 2 redirects

ASN- ()

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.68 (None, )

ASN- ()

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.215.193.43 (None, ) 1 redirects

ASN- ()

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 340 bid.g.doubleclick.net — Cisco Umbrella Rank: 500 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	219 KB
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 csm.eu.criteo.net — Cisco Umbrella Rank: 7420 pix.eu.criteo.net — Cisco Umbrella Rank: 7400	263 KB
28	googlesyndication.com b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	132 KB
26	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457 ads.pubmatic.com — Cisco Umbrella Rank: 461 image6.pubmatic.com — Cisco Umbrella Rank: 622 simage2.pubmatic.com — Cisco Umbrella Rank: 620 image2.pubmatic.com — Cisco Umbrella Rank: 898 image4.pubmatic.com — Cisco Umbrella Rank: 880 simage4.pubmatic.com aud.pubmatic.com	33 KB
16	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 758 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11325 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9840 gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com — Cisco Umbrella Rank: 2668 dis.criteo.com — Cisco Umbrella Rank: 706	81 KB
16	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 458 eus.rubiconproject.com — Cisco Umbrella Rank: 567 token.rubiconproject.com — Cisco Umbrella Rank: 675 pixel.rubiconproject.com — Cisco Umbrella Rank: 350	21 KB
14	3lift.com 6 redirects tlx.3lift.com — Cisco Umbrella Rank: 569 eb2.3lift.com — Cisco Umbrella Rank: 400	6 KB
14	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 463 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575 dsum.casalemedia.com — Cisco Umbrella Rank: 1317	14 KB
11	amazon-adsystem.com 6 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 281	6 KB
11	yahoo.com 3 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 846 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ads.yahoo.com — Cisco Umbrella Rank: 1132 ups.analytics.yahoo.com	4 KB
11	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1356	6 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282 jnn-pa.googleapis.com — Cisco Umbrella Rank: 272 fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	178 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	95 KB
9	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 acdn.adnxs.com — Cisco Umbrella Rank: 597	67 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	731 KB
8	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	3 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	15 KB
8	bab.la static.bab.la — Cisco Umbrella Rank: 207914	220 KB
7	amazonaws.com s3-eu-west-1.amazonaws.com	73 KB
6	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 8978 cdn.pbstck.com — Cisco Umbrella Rank: 10694 intake.pbstck.com — Cisco Umbrella Rank: 8926	52 KB
5	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	2 KB
5	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 262 gcdn.2mdn.net — Cisco Umbrella Rank: 1008 r3---sn-4g5edndl.c.2mdn.net — Cisco Umbrella Rank: 345463	91 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	babla.co.id www.babla.co.id — Cisco Umbrella Rank: 239759	140 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 577	2 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 723	4 KB
4	openx.net idm-d.openx.net — Cisco Umbrella Rank: 39414 u.openx.net — Cisco Umbrella Rank: 709	650 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1879 mp.4dex.io — Cisco Umbrella Rank: 2587	25 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1082	1 KB
3	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1718 mwzeom.zeotap.com — Cisco Umbrella Rank: 1566	1 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2962	1 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 482	1 KB
2	audrte.com 1 redirects a.audrte.com	4 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	742 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 884	1 KB
2	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 3130 pubmatic-match.dotomi.com	290 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5130	637 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 593	602 B
2	bing.com c.bing.com — Cisco Umbrella Rank: 234	877 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 289	470 B
2	ad4m.at 1 redirects as.ad4m.at — Cisco Umbrella Rank: 2723 ad4m.at — Cisco Umbrella Rank: 2329	831 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7579	914 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5166	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	turn.com 1 redirects ad.turn.com	518 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	615 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1390	379 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1504	408 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 423	538 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 825	610 B
1	rlcdn.com api.rlcdn.com Failed id.rlcdn.com — Cisco Umbrella Rank: 601
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1396	689 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 92681	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 63407	273 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 65798	243 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1209	248 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	88 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 212	3 KB
0	fg8dgt.com Failed m.fg8dgt.com Failed
307	66

	Domain	Requested by
17	cm.g.doubleclick.net	7 redirects eb2.3lift.com ssum-sec.casalemedia.com
16	static.criteo.net	ads.eu.criteo.com static.bab.la static.criteo.net
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com www.babla.co.id imasdk.googleapis.com
12	eb2.3lift.com	6 redirects static.bab.la eb2.3lift.com
11	s.amazon-adsystem.com	6 redirects eb2.3lift.com ssum-sec.casalemedia.com
11	prg.smartadserver.com	static.bab.la
10	simage2.pubmatic.com	ads.pubmatic.com
10	pix.eu.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com www.googletagservices.com
9	www.youtube.com	www.babla.co.id www.youtube.com
9	securepubads.g.doubleclick.net	www.babla.co.id securepubads.g.doubleclick.net b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
8	match.adsrvr.org	2 redirects static.bab.la eb2.3lift.com ssum-sec.casalemedia.com
8	fastlane.rubiconproject.com	static.bab.la
8	static.bab.la	www.babla.co.id
7	ib.adnxs.com	1 redirects static.bab.la acdn.adnxs.com
7	s3-eu-west-1.amazonaws.com	www.babla.co.id
6	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
6	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com www.babla.co.id
6	c2shb.ssp.yahoo.com	static.bab.la
5	sync.crwdcntrl.net	3 redirects ssum-sec.casalemedia.com
5	image2.pubmatic.com	ads.pubmatic.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
5	www.babla.co.id	www.babla.co.id ajax.googleapis.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com
4	js-sec.indexww.com	static.bab.la ssum-sec.casalemedia.com
4	gum.criteo.com	2 redirects static.criteo.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	intake.pbstck.com	www.babla.co.id
4	b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com www.babla.co.id
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	pixel.onaudience.com	3 redirects
3	pr-bh.ybp.yahoo.com	2 redirects
3	px.ads.linkedin.com	eb2.3lift.com
3	ads.pubmatic.com	static.bab.la ads.pubmatic.com
3	mug.criteo.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
3	htlb.casalemedia.com	static.bab.la
2	a.audrte.com	1 redirects
2	uipglob.semasio.net	1 redirects
2	visitor.fiftyt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	mwzeom.zeotap.com	ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	pixel.rubiconproject.com	1 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	b1sync.zemanta.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	x.bidswitch.net	eb2.3lift.com
2	eus.rubiconproject.com	static.bab.la eus.rubiconproject.com
2	acdn.adnxs.com	static.bab.la
2	u.openx.net	static.bab.la
2	r3---sn-4g5edndl.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	s0.2mdn.net	www.babla.co.id
2	www.googletagservices.com	b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
2	ads.eu.criteo.com	b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	idm-d.openx.net	static.bab.la
2	bidder.criteo.com	static.bab.la
2	ad.yieldlab.net	static.bab.la
2	mp.4dex.io	static.bab.la
2	tlx.3lift.com	static.bab.la
2	hbopenbid.pubmatic.com	static.bab.la
2	script.4dex.io	static.bab.la script.4dex.io
2	www.google-analytics.com	www.babla.co.id
1	ad.turn.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com
1	ups.analytics.yahoo.com	1 redirects
1	aud.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	ad4m.at	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	1 redirects
1	id.rlcdn.com
1	ads.yahoo.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	partner.blau.de	www.babla.co.id
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	as.ad4m.at	1 redirects
1	rtb.fr.eu.criteo.com	www.babla.co.id
1	rtb.nl.eu.criteo.com	www.babla.co.id
1	a.teads.tv	static.bab.la
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.pbstck.com	boot.pbstck.com
1	boot.pbstck.com	static.bab.la
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.babla.co.id
0	m.fg8dgt.com Failed
0	api.rlcdn.com Failed	static.bab.la
307	116

This site contains links to these domains. Also see Links.

Domain
bab.la
www.facebook.com
twitter.com
en.bab.la
en.wikipedia.org
wordnet.princeton.edu
vk.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2021-08-04` - `2022-08-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-29` - `2022-06-07`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Frame ID: 9AE54EC0008D979E688863C9D1E3661E
Requests: 93 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qi059-CYUsA
Frame ID: CC4E696A8D8BD108DF119AC41AAE346C
Requests: 20 HTTP requests in this frame

Frame: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60F4E9961F6A08B3AD77E83CD0C1014A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF02C290B5C90F667C6C1D8BC253AB42
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C21B514150FF62215095DC6A84BCF26
Requests: 2 HTTP requests in this frame

Frame: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDEB3E3F16DA2F4469B421C945DC743D
Requests: 10 HTTP requests in this frame

Frame: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86D192992149606877A1C09A7437704A
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GQKd_mIAAG0RD6U4maNh4082iXbCw&u=%7CU3hRj9QATRfmw2DXnGdM%2BUGuTgutNi04X5KF9F%2FE3ug%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzf3765y_SwX21p3b2QoaQT9c7rlkzAXVy_1qCz-JXwUDerX97hIwH3z7j-sLQ6saFdYGmu_yTYIHvwUmj1CL8X_HOu3Y5A5TjXa8uQw21leLl-IgGcTKgvp2MesUOOgW8y5MLhd5XPxQR2UUmGHC7_XCnl_AC62JT-l00PABwWMnA6MyXKVAUEnkyhKL3qFMcid0knsp46M_BJWm2UJAgQMEqYG4hiBHAcCjfotdyM0QRuPDUFAWUvWAFhROHZy6RVP7aynKqgQXSBLgcNMBYoFT8VZgewwLM3TYHoRY9Qkv-UXAqrReYTZoPQmJih7yJV02oDUPCggxDdscmP4GcE7p4wMGDYDNf82QdkuqPUD1yNU3RJisPiBDq1fe8Bb5BA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNBhN3hxTYuSoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP4BT9Cm075ma4yIaUcEgMyhaAjI7ZX0Hd2gu-yDh2ekrNdPD09i0MJLbYDXQ7hiY0zGbIjaIQ9YtX-g9Wa0WXhC3KhGMwukt5Jae0m1x6HDqlP7jGVsOHca2cwwwEXAxOPNTiRigMHSvKmC-TWjp2ZD_Kh6XJTk07Frj8r289E_XP0Xs6AOz5EWrpQxEZWJVMO8Iob9iu-KtXWKn6iB0ivhqNjjGDllsppO-79xEaTL2VkoOct3fC1NiQSp-WmiUG_WETFU9Ma-WSVKxKpQfw1efkzBrt0mozmsQZhwL-_AcZqACKnN5JTScn9DCb-2ZN5eVw4D7xHNAd-C2Itio8HgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3JvVRoF3q7T0UmydKPTNZ6ORzwUw%26client%3Dca-pub-0177898417266954%26adurl%3D
Frame ID: AA170163F11546AC22754A5081E559F7
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GUKd_mIAAG0RBfz0hQRh2wlmOGGng&u=%7CU3hRj9QATRcp3sS8RRHgW5cBpKorj9E4GTGrxxmqazI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLqbjaxRXLWjqUlvF7jKunYYT-0NoXQF-fpWIMXrGb-HTNwsWhZCk8yj4hCFWFrIemsZjdGXQkZj5c-PKOq1vuYU9P4VyAINa9viSKuyxy2P-Oser_DK7EXNHeywyLtg1u9Hgd8773ByJ5Ewr6_8EC5sNjeEOePLHpvr6ZLM7bMZmCDxFaBiLse7c6LHlMvcyaYVp_Y0BYHuHJ6b6r56n6HYJC32mYOr3SdrGYDdHB6boqlH8GBP11WntWFDLoFgdBZvJLHv2kqCaG8qjQDCskMdPbvWhs4RLg14mj-QVXw1f9WwMi6qwY1E4S_a-ZxT7gbV46OGs0TLalkUmAlv8lYKT7n_chdO8frOAcHBHzA-B9gSMR-dToIoxX09eqPJKE03zibF03c0S&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMyIe3hxTYuWoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP8BT9CGwS8WsHRTUgb6UA33JUUJrA76hwYf0g7sHKcvs_RmRf-0QQtVGHnPgPq9YIQhtS7tuuVs0V9ioe7jLDjVxlRn01qry4_qvRmnWyxrwfaUYAEyqB_mdjfV3JON-y0B07-yApVrgYmitrtg6WkqtgIgFUqvZ7SDZNexc6YQhHS3jmASdiKxB3WMsmBElQ4dQSJ_R4ANE7RgklDzdg_tIHI9QO4aptuzpcTNKh7XQSA0plnCBryc_rdLK7X-TKk1fKD3PNaKMNM5FCZlNuutyl59mhYwHRGTdDc-6-7brGTW1VTHTQ0v8_uEZUBsXmgw62n7x71ODMHCmC9MEbyw4AQBgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bKvxKSHed7ySNgRd9FRSDRHqJZQ%26client%3Dca-pub-0177898417266954%26adurl%3D
Frame ID: 123CF41206251136D32AFA521267AF89
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: E608700CACCA0D1ECC5B35C0FCC63F49
Requests: 19 HTTP requests in this frame

Frame: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC6D575F69731D5B1C61B589B05F779C
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.babla.co.id
Frame ID: 9395E25A7B9B63DE6152D10AF53DF0B3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8B4F4DF50BF2BFF9BA158F23B89E00A2
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 743738C3A0365150BD46B8C7B8E62E50
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ACE5CEB758EC6DF697A6FE7229BEC2C7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8138F9EDABE446BDD4F6EA90F168402C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BA27304944570D01BC58BBCD05D677C9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 30B560F81B19CE59DF2776F080D66825
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A0277BC7DD367022D6B1A4B474BBDF06
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C20ED47A9F5C6141728951D15DB9F10C
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A844F4935B07AF1A2AA46E4DA4D81ABE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Frame ID: FDCB36C34A86E2429935CC129D8D290A
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Frame ID: 9CC34E5081216F0B51A19017DD1CB772
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F054207DC78DCA9ACB3C16C2CBC70F19
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 575B81825E92D261D4B513F6C25E1A6E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 15056941CCB83FFCDC3BB5D9DFF63802
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D
Frame ID: 885258FAFD86F30E6C401271AD5B0161
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&gdpr=0&gdpr_consent=
Frame ID: 7F4AE3D21F95B65F9E08340D217A05F8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4783300139410853172
Frame ID: 52E363D33BFB06577F80899AD21B04A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: A21FC50C2D84DBF1FD8AC7FD2945A931
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7085038404388911259
Frame ID: 0ABC1172F5AD1B8201988A86B3801C47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlMc5AAHdEOqwgA-&gdpr=0&gdpr_consent=&_test=YlMc5AAHdEOqwgA-
Frame ID: 7376CC796E854B51AFAF93FB9061B329
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 99783371475A7A9795B5E00AB595A30D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w9yYVrfxSgxS23L_XkPp0cEbDiQ
Frame ID: CACF21C5E9360F097A3A2F4F6AE5FA8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PROW - Terjemahan bahasa Indonesia - kamus bab.la

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

307
Requests

84 %
HTTPS

46 %
IPv6

66
Domains

116
Subdomains

85
IPs

10
Countries

2769 kB
Transfer

8058 kB
Size

85
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://bab.la/company/privacy-policy
Title: Cari tahu selengkapnya

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&quote=PROW+-+Terjemahan+bahasa+Indonesia+-+kamus+bab.la

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=PROW+-+Terjemahan+bahasa+Indonesia+-+kamus+bab.la&url=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&hashtags=babla%2Cdictionary

Search URL Search Domain Scan URL

URL: https://en.bab.la/dictionary/english-indonesian/prow
Title: en English

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Ralph_Hotere
Title: open_in_new Tautan ke sumber

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Battle_of_Cape_Ecnomus
Title: open_in_new Tautan ke sumber

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/MV_Caedmon
Title: open_in_new Tautan ke sumber

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Ghanjah
Title: open_in_new Tautan ke sumber

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Culture_of_Basilan
Title: open_in_new Tautan ke sumber

Search URL Search Domain Scan URL

URL: http://wordnet.princeton.edu/
Title: © Princeton University

Search URL Search Domain Scan URL

URL: https://www.facebook.com/babla.languages

Search URL Search Domain Scan URL

URL: https://vk.com/bablaru

Search URL Search Domain Scan URL

URL: https://www.instagram.com/babla.languages/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bab-la---loving-languages

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bablalanguages/featured

Search URL Search Domain Scan URL

URL: https://twitter.com/babla

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 139

https://as.ad4m.at/ad/tai?a=158504&b=3&c=3&d=1&e=775&f=&g=dbmnat_Pros_Allnet&gdpr=&gdpr_consent=&gdpr_pd= HTTP 307
https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022041020072766961572769X117667V1225131106MSviewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://gum.criteo.com/sid/json?origin=publishertag&domain=babla.co.id&sn=ChromeSyncframe&so=0&topUrl=www.babla.co.id&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_qLKNXxsUTY2S2Z1VHRhS2VRQkx3dWFKMWpnbUMzdDIrTit2OVo0M0FkRy8yNXhsK1pSUW10SGp2NWxKQXFveTU3ZFhzVXRoWlEveXlMTVNaQ0owM0pRUUc4bFVCR0RTZjdnakl3VkhRMHFyN0t5UmFpaDZ3NjFjWlM0YU9rbVhSYjQ0dWVRYThiNW9RUldCYUJHR1IwSDd5RWNYTVh3eFUxbHdFbmxmMm9sKzlqSWVZeUtrTUltSjZPT1A4TU5sazVIYzVENWtqYm5HR0JIMmxsdUNISmVYRUU2ekRjNytRSkVGWXpVVk5wUE50SVpzTGhyczZIQTNsOUFVMzZBZExUUHdDWEVXQjVTR2c4aS8ydXo4ZHV6cm9OQT09fA&cppv=2

Request Chain 200

https://gcdn.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A56A9FF2DEA31B29667FBEEBEE9A17F613F63031.19795FB02EFF2B90F7AAFACE96C1B4B5BCDC6EC1/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CE655E239694FC5B1CC1C92FF992F6EEC44797B.1D670F077763548DEDB3AB2CF48ABC9D612E7290/key/cms1/cms_redirect/yes/mh/eS/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1649613500/mv/u/mvi/3/pl/53/file/file.mp4

Request Chain 212

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.co.id%2F&domain=www.babla.co.id&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=rK4mOHxVUVFhSWcwbmxvQUthQVB0d3lJaE5CMktpTFIyZXBrRGg2Sm52L0Zmb2NONzRWZlNFa2JXcHdKT0ZneTBnTnQybXdtQTRYMWFqV0V4TjN6eGJNRzRmdnd1TXNpL0pXL2x6UUNBWTFCZURTVXRKRkNaOGthWkVMVFE3WDZFaDZrUEh3QXk5OWl4NG4rL1dNUHhZRXlUelBZSDNBV1VJQ21DQVBEbVhMTy9FT2JEeFRYMElOZiswM0EwK2ZadW9lc3lvWWxEQm9zeDFlbGQyV1FFUlpRQVljTlhza0RLUWZzM0NxMGFqR3FJVjl4Vy9tL3NGODN6Tm9JbERHZXVhZjBWVFZUMnI5SVlVaEhxZDIvZ2ZZQWxodz09fA&cppv=2

Request Chain 215

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 221

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 227

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Request Chain 229

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Request Chain 231

https://pr-bh.ybp.yahoo.com/sync/triplelift/4338619261717351934100?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xK5BTAJE2oQph_mIxjC1P_uTVikpq4WxfNaqkT4dVg--~A&dongle=0883

Request Chain 234

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4338619261717351934100 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t

Request Chain 235

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 238

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Request Chain 240

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Request Chain 242

https://pr-bh.ybp.yahoo.com/sync/triplelift/4338619261717351934100?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-GEb9ARdE2oS4MAVpJB_ZRNaYmrQetHSPmrarSdkQag--~A&dongle=0883

Request Chain 245

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4338619261717351934100 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t

Request Chain 246

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 250

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 251

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 253

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1TLM0D9-6-L2U6&sigv=1&esig=2~e89b5762632cce20cd230222da08249155a22214

Request Chain 254

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1TLM0D9-6-L2U6

Request Chain 255

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFUTE0wRDktNi1MMlU2

Request Chain 257

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1YjllN2RjMmE5ZDhjZjhmZDI1YzE0NDI5OWQ1MjU3MmI1ODBmOQ

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDlnOeNvHH9gCdJywd16Bco&google_cver=1

Request Chain 259

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2H8V2Dn9Qqy1KKdRWGFR7g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2H8V2Dn9Qqy1KKdRWGFR7g

Request Chain 261

https://c1.adform.net/serving/cookie/match?party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D

Request Chain 262

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&gdpr=0&gdpr_consent=

Request Chain 263

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4783300139410853172

Request Chain 264

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=urCSUX2yTRC4sbY_eDY3bQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 266

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc6d6253-1ce2-4500-b4fa-5e45b636f145

Request Chain 267

https://pixel.onaudience.com/?partner=214&mapped=BAB09251-7DB2-4D10-B8B1-B63F7836376D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=dbf853ab-9581-4999-9d51-8ad8d1083e04&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95fc1399978d94dc/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=739c4cacfcbc6b2171808e3d185c547e&gdpr=1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=95fc1399978d94dc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fdc0c1faf96&zcluid=95fc1399978d94dc&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJnmDm9tinN_O-3AggcaTiY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fdc0c1faf96&zcluid=95fc1399978d94dc&zdid=1332

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkFCMDkyNTEtN0RCMi00RDEwLUI4QjEtQjYzRjc4MzYzNzZE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEORGdS-gsLfZtywOZTehmyA&google_cver=1

Request Chain 271

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2165095886364596985

Request Chain 272

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dbf853ab-9581-4999-9d51-8ad8d1083e04

Request Chain 273

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3564401216501117414&gdpr=0&gdpr_consent=

Request Chain 274

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf

Request Chain 276

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

Request Chain 277

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlMc4UkpWOKmc9FnKmq4gAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1

Request Chain 279

https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y

Request Chain 281

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7029004501938460023&uid=Q7029004501938460023&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 282

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649700450&gdpr=1

Request Chain 285

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

Request Chain 286

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlMc4UkpWOKmc9FnKmq4gAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1

Request Chain 288

https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y

Request Chain 289

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gUSIbw411NDBYe5&gdpr=1

Request Chain 290

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=149e7c3f-0a48-42de-90d6-7d33f7a38dbc&expiration=1681150050

Request Chain 297

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7085038404388911259

Request Chain 298

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YlMc5AAHdEOqwgA- HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlMc5AAHdEOqwgA-&gdpr=0&gdpr_consent=&_test=YlMc5AAHdEOqwgA-

Request Chain 299

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 300

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w9yYVrfxSgxS23L_XkPp0cEbDiQ

Request Chain 301

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&addseg=19,36,42

Request Chain 302

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 304

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D HTTP 302
https://a.audrte.com/p

Request Chain 306

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sa_4YLxE2uXXbDffBGCpqyajg.sPuNo-~A&gdpr=0&gdpr_consent=

Request Chain 307

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=150a7d1f-ddb1-4193-bfed-3ff4060f102a

Request Chain 309

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:876a107b-3b20-4e2c-bedc-830114f79f58&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 310

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7038684863358579859&gdpr=0&gdpr_consent=&us_privacy=

307 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request prow Show response
www.babla.co.id/bahasa-inggris-bahasa-indonesia/ 68 KB
13 KB 587ms
255ms Document
text/html 2606:4700:20::681a:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0afaa30634451791bd237725e2cba7a572f053b55dc4fcf2ccd4eab3049993

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 max-age=15780000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store,no-cache,must-revalidate post-check=0,pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 6f9d6c087c203747-MXP
content-encoding: br
content-language: id
content-type: text/html;charset=UTF-8
date: Sun, 10 Apr 2022 18:07:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 10 Apr 2022 18:07:25 GMT
link: <https://en.bab.la/dictionary/english-indonesian/prow>; rel="alternate"; hreflang="en"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfT040mT7Bj3yWtSguKsxsoA3i7NB6gJL9ts8Qn9pA%2FbhFC%2FR9%2FKf53UgsuoTTY69j2%2FajXFZ9o16eX7JmcWapdjwLeyPsqVrHFx4KIUmAsmvGbVAAWWK2OANADeCEnZq3Pe3exGQOWIRk5yEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000 max-age=15780000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 76ms
23ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

3bc1f399f92bba28ccdefca0513e5736dea94230ec89985a2affc058aba24934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28370
x-xss-protection: 0
server: sffe
etag: "1184 / 178 of 1000 / last-modified: 1649562339"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 10 Apr 2022 18:07:25 GMT

GET
H2 200 pb-babla.min.js Show response
static.bab.la/js/vendor/ 347 KB
102 KB 157ms
104ms Script
application/javascript 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9233e060958a4be52c37a9aac0d8f769de4d5d9eecdccd87e0b6ba450ba92d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:44:08 GMT
server: cloudflare
etag: W/"56d97-5dbfc8e48cbc9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPTGfRtdW17enEk5MUgQJA2XganZ2eI8GOURgHo0X2p0XSpr%2B2w7Ta29YE3QNlXjhM8SSfS%2FL5XBKxuspvcnyEPjnoMiRq8Qz2EAtV50c9cz73qlzXGsMPrnSlFjiMO5qQk%2FNEcz%2FJ0povo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0ade8b83b8-MXP

GET
H2 200 iaw-babla.min.js Show response
static.bab.la/js/vendor/ 376 KB
43 KB 125ms
124ms Script
application/javascript 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/js/vendor/iaw-babla.min.js?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c666ae759d6b39fb201d8646ae4045f58e2f65b61128659ecfaad9a24fb996f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:28:42 GMT
server: cloudflare
etag: W/"5deff-5dbfc570a363f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhRfIbcSbU3KWNQEKt%2BXbFQpEc0PBM3bPAW9kE%2FJtsTkAphK%2FzHbYuWyU7lKJILB5VC3m66oRN05MuOBwHCcbOQv%2FWalPvNn46C%2BpbeLfuYfiq53XOSP6WWz9KzmX3JVaExsy4JiCfeoR94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0b786383b8-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1955
date: Sun, 10 Apr 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 10 Apr 2022 19:34:50 GMT

GET
H2 200 Material_Icons-400-fallback1.woff2
www.babla.co.id/fonts/google/ 121 KB
122 KB 244ms
241ms Font
application/octet-stream 2606:4700:20::681a:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babla.co.id/fonts/google/Material_Icons-400-fallback1.woff2

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Origin: https://www.babla.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
cf-cache-status: BYPASS
last-modified: Wed, 06 Apr 2022 13:44:15 GMT
server: cloudflare
etag: "1e5d4-5dbfc8eb20550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhFRq2NDrEvDnFFeZvCBWEK8MqIDOmH3KgMvrBCYDO1LTGhGPkKa%2BW8aSb0y46kJePdjQh9%2BScKhapPWXIUg3Auk6sa9pLN%2FOuzXln%2B60rGwCx5mfPb0mlJUBJUb2a5k%2FGdAEYmAZM0oiK3hIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000
accept-ranges: bytes
cf-ray: 6f9d6c0a98793747-MXP
content-length: 124372

GET
H2 200 icomoon.ttf
www.babla.co.id/fonts/icomoon/ 3 KB
3 KB 211ms
209ms Font
application/font-sfnt 2606:4700:20::681a:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babla.co.id/fonts/icomoon/icomoon.ttf?gex2r4

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6d3d0e52df21431faa9ce892825477821ea7a61c557b21900319c2660941311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Origin: https://www.babla.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 21 May 2021 08:39:35 GMT
server: cloudflare
etag: W/"dc4-5c2d2ffe725b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ge%2BK1HytDtAzLaVDAiXVdEkox%2BOva9AU5pQMq0tg66VlngLLaFYD3CjtmWddPb%2FWL3eA4P6%2Fdbf0es0zPqHA1DuuwEgcHG6%2F55CL6gW2AE66hLNx%2FVlCzdNmfKqVCqztTXbNkwmVrYl0zimBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000
cf-ray: 6f9d6c0a987e3747-MXP

GET
H2 200 fonts.css
www.babla.co.id/css/ 2 KB
1 KB 221ms
219ms Stylesheet
text/css 2606:4700:20::681a:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babla.co.id/css/fonts.css?v=1649252656

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f8e703556ed5844d21cb430a071e95ceaf2c0eb60255979bb4e872da0916fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 06 Apr 2022 13:44:17 GMT
server: cloudflare
etag: W/"7ee-5dbfc8ec8f851-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt7ycTi9bbnMpjCz8%2FEEjDrEnwzWqxWFgBRLZYHtoIqCKJhUdd6fyDL1XPV39omLSPXT8VofVMbp7B2dGNhoqRyZfSt5ISTdeSWu4cp9d%2BMsBmVVdEnUmDCep2PhI%2BLYAC8CrVP2ft00Q0Ji3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15768000
cf-ray: 6f9d6c0a98743747-MXP

GET
H2 200 basic.css
static.bab.la/css/ 101 KB
20 KB 136ms
85ms Stylesheet
text/css 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/css/basic.css?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1662c3a71b5a56c517a3eacb1d7dd2428180f0e49aea25f9de5c8cfe5db4d50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:29:01 GMT
server: cloudflare
etag: W/"1955f-5dbfc5833a25b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4BN3JTLYn9RjJEFD37Su8g4rsXfHY9eUfCq%2FaRp9595gobGDfYH6hv1qT86LElC2EOWTvQ0mE5Yq97BlCYw%2F8xCuCxyS0Qqa55SMM1YWYq1BvmQfy9Brs8csIgdvzoFHUWwtHq%2BbjQy21c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0ade7e83b8-MXP

GET
H2 200 adserver.css
static.bab.la/css/ 821 B
935 B 143ms
93ms Stylesheet
text/css 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/css/adserver.css?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85536f1615289518b0bcca6b63793f7c21aab9903e0142995f8ccc3fd32d0d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:29:01 GMT
server: cloudflare
etag: W/"335-5dbfc5830951c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkqs8IxBg0ANzSzIBN1XgM5I7CmjvWeZ06EZC%2F%2FTQU%2Fgu8K%2FxYexDVvroCLAT9rebh3%2FjHjQDd21QTIhxI3XQn7ovMRdsyQMiH105g2wcKkMZ3DeEKjjetMSEHVViScSvU%2BFSZKiNvxEqGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0ade8483b8-MXP

GET
H2 200 extra.css
static.bab.la/css/ 82 KB
15 KB 273ms
224ms Stylesheet
text/css 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/css/extra.css?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490b77ad61fab2dd3b79fd532a09c304d7989943f3f5bea054046211704e9720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:34:22 GMT
server: cloudflare
etag: W/"1486f-5dbfc6b4dc332-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyVq4cVYZa8oSF8SROJJ7loiqj1qQB2GlDMt2c1uWXSgv0nao806LX4gJPtIL7FgvB4VAKuhdOdn45DxFvkXYbazDcMobaqXH6AHthNlS76V7puHLxqXHhYVp6Z9MONS3%2BoBIsdnJRIXSMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0ade8883b8-MXP

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 105ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 17:24:15 GMT

GET
H2 200 bootstrap.min.js Show response
static.bab.la/js/vendor/ 39 KB
12 KB 124ms
123ms Script
application/javascript 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/js/vendor/bootstrap.min.js
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 27 Jul 2020 14:06:39 GMT
server: cloudflare
etag: W/"9b00-5ab6cd4df86e3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFeKR0S8V9ouiMzFyctxIiFm11ooUIm1hcEj%2F7HTDarsC3U7OK91SJSapNeIUo%2F8GRrFifscfonFSVotOLNpm9ajvRei9kO%2BkhKyeoU5kZDytyOpcW5AuQKzrKWtah%2Fw7O4mT9E1NoAwjHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0b786d83b8-MXP

GET
H2 200 scrollFixedTypeahead.min.js Show response
static.bab.la/js/vendor/ 45 KB
14 KB 92ms
91ms Script
application/javascript 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/js/vendor/scrollFixedTypeahead.min.js
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63884073c630b7bdab4841eccb77662d05bfe036e441a4e4e8753a647e44ce0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 27 Jul 2020 14:06:39 GMT
server: cloudflare
etag: W/"b2d6-5ab6cd4df9683-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6KRKx9EsFw3HstiT2XU%2BeSMDNYIdNtgodfzl7uXUuWRaOQMxfYiCLlKbB1K0wVezGymP7MgzSFSJleZBbRlym%2F%2FtWh6sl8ncDBVRJoVgwEcnNvx%2BMHhTbjttmUmi3isB%2B5kvWLWdBT3%2FKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0b787483b8-MXP

GET
H2 200 babla.js Show response
static.bab.la/js/ 44 KB
14 KB 92ms
92ms Script
application/javascript 2606:4700:20::ac43:4950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bab.la/js/babla.js?v=1649252656
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7dbf82a052d0cf78f2cfc7fe652ab100a8f5d0b942245059410d09b807c946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Apr 2022 13:29:10 GMT
server: cloudflare
etag: W/"b1f6-5dbfc58c0edfd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Br5tayrV9SScFU7Az6YhOgCAe2R1dd7ENMZ05MiwaVPE8K4VBB5ZpbCy8VOkYZzSlaOZ1dpNS8y%2FS%2FdX%2FF94wSq2Tq54AjPepWUD9wtk6PvwOYJ87H9wrovSrlup6N8KuTW%2BJs5ybWdL2lY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f9d6c0b787783b8-MXP

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK babla-logo-white.svg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/ 4 KB
5 KB 168ms
44ms Image
image/svg+xml 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/babla-logo-white.svg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94059e53a13ebb0d9bca105db7af3d6187d1080fd3507764efdce2e0557fe420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Thu, 28 Oct 2021 08:58:01 GMT
Server: AmazonS3
x-amz-request-id: 004QSPDKNJFXDMPT
ETag: "de341bf8a3e5c29eefe44610ea9f38f2"
x-amz-version-id: JRMGq.FHSNb4jrS6pdl8ashaFpHdj_eO
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 4231
x-amz-id-2: T4OktSUCPThUwrxc/u8fQpK+LVqJ7SlAFtZcug189zrDfgeWMl0HxuTGG3LZ3nvjEJd1ZHWvwjg=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 324ms
34ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-149407836-1&cid=1152423371.1649614046&jid=587474613&gjid=1313045182&_gid=1205511347.1649614046&_u=YGBAgAABAAAAAE~&z=474296802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 10 Apr 2022 18:07:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=847148642&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&ul=en-us&de=UTF-8&dt=PROW%20-%20Terjemahan%20bahasa%20Indonesia%20-%20kamus%20bab.la&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=587474613&gjid=1313045182&cid=1152423371.1649614046&tid=UA-149407836-1&_gid=1205511347.1649614046&cd1=languages&cd2=dictionary&cd3=entry&z=2053235393

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 05:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46972
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qi059-CYUsA Show response
www.youtube.com/embed/ Frame CC4E 60 KB
26 KB 109ms
71ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qi059-CYUsA

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d92fbb01affbba7b3508caa233e8dec138785da2d35b01bcbec95e02fce3e656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 10 Apr 2022 18:07:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022040501.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
125 KB 28ms
9ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128191
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 10 Apr 2023 17:57:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
118 B 38ms
20ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.babla.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

fe98486bb8e0cb99b230caa8b8fccea37cd931d9f02e9f941bbfd1ec3293a7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Sun, 10 Apr 2022 18:07:26 GMT

GET
H/1.1 200
OK babla-logo.svg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/ 4 KB
5 KB 142ms
46ms Image
image/svg+xml 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/babla-logo.svg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ca3f6d64956475bf9563c55e5c8afb1156bf568e2b2c7a80d72a4a0235b7bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Thu, 28 Oct 2021 08:58:06 GMT
Server: AmazonS3
x-amz-request-id: 004XQ13ME662CMJZ
ETag: "f2577bdb317484b284f837ecf6811e92"
x-amz-version-id: paumI7g1q96AgDO0K44PkMWmx5EVGcmf
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 4210
x-amz-id-2: Jjimx6R9L5pbmCGcHf0/KlOo4YkcJBonYmvtUbjUx1SBH4epWX/L0yIEDd4ByCbm/JQ5QiTr0aU=

GET
H/1.1 200
OK flags-v8.gif
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/ 39 KB
40 KB 140ms
45ms Image
image/gif 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/flags-v8.gif
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 310372b7d5bcc0b083eb61b6bc180ca8153040080b6c323310ae7ad4645ccd64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Thu, 28 Oct 2021 08:58:00 GMT
Server: AmazonS3
x-amz-request-id: 004Q5R10945W6MDV
ETag: "28372d6e5791ffff253fe9fd7082836f"
x-amz-version-id: lFLDrheCHo82cFjo2LuXOR0UVTy7oiXr
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 40179
x-amz-id-2: zSIRpda+qWDZ2RN18xIiU2gbWhdJ22T2IXz5K5KeoK/EmGZwZWqNcjc/cmsGuaNVsV7zBGrWcH0=

GET
H/1.1 200
OK exchange.svg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/ 2 KB
2 KB 141ms
46ms Image
image/svg+xml 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/exchange.svg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb5917fad36a8737b6aadd461a6c9c4052244472f68f7de691c8cfffce6651fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Thu, 28 Oct 2021 08:58:04 GMT
Server: AmazonS3
x-amz-request-id: 004GT4PWXB3AK6SJ
ETag: "26e7a81fe71b7bf74c28f7c54bba7612"
x-amz-version-id: 57zZ.vUPcrkhLXjtDbKIwZwCzlxH70Ow
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 1564
x-amz-id-2: YVoO58UJ8HNFxh29raH6i0JF7xuUbllLSoddRix722Qou6W06XhIJcfZ05M1OMlof/p3W1NKh6k=

GET
H/1.1 200
OK teaser-conjugations.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 6 KB
7 KB 134ms
42ms Image
image/jpeg 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-conjugations.jpg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 41fa467ca228570a4c0becbfce550a7661e1b7a3df6d70b007d03f54e73a3be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Tue, 01 Feb 2022 13:18:59 GMT
Server: AmazonS3
x-amz-request-id: 004WRQW9K1PX52GF
ETag: "2358355614771c8d1da8a6d8ceaf4d91"
x-amz-version-id: rkFnvfOjC1LNbN_SxU054G_h24iYdJ6y
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 6341
x-amz-id-2: d+kda5ddzYaXJlGM/I2DP8vqOn9WMJ/E9B+SZajgSMBeJeOyW4eOR9IQIhY0/2Yofm/UnBNNDk8=

GET
H/1.1 200
OK teaser-company.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 10 KB
10 KB 143ms
48ms Image
image/jpeg 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-company.jpg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2267d17819c0c925964c7178c787daa18b6dea25258ea2aefc76d850718efd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Tue, 01 Feb 2022 13:18:58 GMT
Server: AmazonS3
x-amz-request-id: 004G6C4CDSK26Y43
ETag: "9a984e9fce28040db48ee438f8a7cb68"
x-amz-version-id: b0IeHPoxy0vjx2sHQTMdw.alLpIJD6KH
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 9926
x-amz-id-2: vbTT7Up6Ld5zh67GxyrWHLPjZGyS4JT2wOyUDnIfJ1fDyMvJFRpQktwDpaOms/Xc4YkQxNuAJwU=

GET
H/1.1 200
OK teaser-hangman.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 5 KB
5 KB 42ms
42ms Image
image/jpeg 52.218.45.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-hangman.jpg
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.45.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5a0a190df74deff90aa44798af044bcab474553769cc2a7f7688aacff9000e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
Last-Modified: Tue, 01 Feb 2022 13:18:53 GMT
Server: AmazonS3
x-amz-request-id: 004WVZ2HDKHY4XX1
ETag: "11630db369924bb4493cee1c8936cb8a"
x-amz-version-id: UmAHLw4UMk8Df_tR6eSFhaYIAnbZ5gBE
Cache-Control: max-age=86400,public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 4989
x-amz-id-2: UublwWbpsWtm61EWAQrDb+ddEPTpQevBEu3BrnM7Juljins6/b077zqV4KnnWS4xaXlSGDS8wrI=

GET
H2 200 f18c027f-eefb-48c2-b89a-f013e1828e06 Show response
boot.pbstck.com/v1/tag/ 1 KB
925 B 158ms
76ms Script
application/javascript 2606:4700:10::6816:5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f18c027f-eefb-48c2-b89a-f013e1828e06
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/iaw-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7127bb4ac6035761b86da45e9c91c8418da8c882c78f6a2ce61496a88bf30bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
cf-ray: 6f9d6c0d395d83a6-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
962 B 83ms
32ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
content-type: application/javascript
x-amz-request-id: txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2: txcb277395650a4fbcbe1a5-00623993cb
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hknnwCh9NXGCHnFIDYBgRBzWhF0wXNrgezSl0So0uKQVnN8OvJWNYXryF8%2FqWsHhzegotkbEmWhk%2FWUR6W4mJjdUoozh8MmDhX3MmMzNuNeuhOczGNG7VhjTTJr6MgtDPVNfezAnKgh33hob"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1647940521027959
cache-control: public, max-age=1800
cf-ray: 6f9d6c0d0a4359e3-MXP
expires: Sun, 10 Apr 2022 18:37:26 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 484 B
1 KB 161ms
71ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444176&size_id=2&alt_size_ids=31%2C39%2C40%2C55%2C57&p_pos=atf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Ftopslot&tk_flint=pbjs_lite_v6.18.0&x_source.tid=7ad23234-462d-4178-92ff-e52c20babc04&l_pb_bid_id=245d014c764db4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Ftopslot&slots=1&rand=0.25241353804995437
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 912f7c9d543d77ac3792241bb3a47d3f3baa35896ac8fec7e2f6490e1e3edeb6

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 484
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 484 B
1 KB 169ms
80ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1657660&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32&p_pos=atf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fleftslot&tk_flint=pbjs_lite_v6.18.0&x_source.tid=a02e1b15-ecd7-4c53-8b16-83e0e886570f&l_pb_bid_id=3009083ba27e33&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fleftslot&slots=1&rand=0.7475213355888259
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b5c8050cb1abe7ac6eb0225ad2fa7db8569b3fdb2f67779a4bfe1d64c9df7dff

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 484
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 485 B
1 KB 236ms
146ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444174&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32&p_pos=atf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Frightslot&tk_flint=pbjs_lite_v6.18.0&x_source.tid=fc4be0b9-8b71-4cb3-9382-558627f75ac1&l_pb_bid_id=429470ed80f76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Frightslot&slots=1&rand=0.5642737670421207
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 760afd3f25f7ddf2a155fbba51b021d995e8d3fb1255ae50d34f065fa27891b8

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 485
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 473 B
1 KB 368ms
277ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444168&size_id=15&alt_size_ids=16&p_pos=btf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fbtmslot&tk_flint=pbjs_lite_v6.18.0&x_source.tid=7f68c16b-3ad6-45ca-a62a-277c3a18481b&l_pb_bid_id=53d829228aa175&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fbtmslot&slots=1&rand=0.8105147929532155
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6fb8353188e58fbbb49adacb8129a7c683f8a1a773d32f3f06c552c1b75e8623

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 473
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 137ms
90ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=421252&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2268e0f9335940b5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22domain%22%3A%22babla.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22babla.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A22%2C%22msi%22%3A22%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227ff2eda994704c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22750x100%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22750x200%22%7D%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22950x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A120%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22980x120%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22980x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Ftopslot%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Ftopslot%22%7D%7D%2C%7B%22id%22%3A%228c9842d714ab8e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22250x360%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Fleftslot%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fleftslot%22%7D%7D%2C%7B%22id%22%3A%2294cb314f433f0f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22250x360%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Frightslot%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Frightslot%22%7D%7D%2C%7B%22id%22%3A%2210f560fee0af0bd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421222%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22421222%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Fbtmslot%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fbtmslot%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2284f3dd19-3720-4393-aabc-28a7328996c5%22%7D%5D%7D%5D%7D%7D
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 338500270906aaa0d9e04683185f3786b3d661fc48cf2ffae235ea39f6fff34f

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.36], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.babla.co.id
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Sun, 10 Apr 2022 18:07:26 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 33 KB
10 KB 245ms
200ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

623726792321de0c1d606533650c9d62311913859aebac565b2632eb2a40eb1f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 10 Apr 2022 18:07:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6f7e0c08-d2c8-4f7a-80ab-1da091d208b6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 351ms
91ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.babla.co.id
date: Sun, 10 Apr 2022 18:07:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 167ms
85ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 213ms
132ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 242ms
162ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 165ms
85ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 182ms
102ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 161ms
82ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 313ms
151ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
467 B 303ms
266ms XHR
application/json 52.29.60.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tmax=1300

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.60.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-60-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
accept-ch: sec-ch-save-data,sec-ch-width,sec-ch-viewport-height,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-arch,sec-ch-rtt,sec-ch-downlink,sec-ch-ect,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-dpr,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
589 B 137ms
67ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f99071bf4ecb465e444e9ee981c7bf3b5c49b00144bddaa5f8b6a806b1d3e70

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6f9d6c0d6e770f76-MXP
pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

GET
H/1.1 200
OK 12215272,12215262,12215267,12215257 Show response
ad.yieldlab.net/yp/ 2 B
757 B 87ms
34ms XHR
application/json 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/12215272,12215262,12215267,12215257?ts=1649614046219&json=true&ids=pubcid.org%3A84f3dd19-3720-4393-aabc-28a7328996c5&pubref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-132-239.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 22
Expires: Sat, 09 Apr 2022 18:07:26 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 107ms
64ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.18.0&cb=67747902236

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 arj Show response
idm-d.openx.net/w/1.0/ 73 B
378 B 58ms
27ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idm-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7ad23234-462d-4178-92ff-e52c20babc04%2Ca02e1b15-ecd7-4c53-8b16-83e0e886570f%2Cfc4be0b9-8b71-4cb3-9382-558627f75ac1%2C7f68c16b-3ad6-45ca-a62a-277c3a18481b&nocache=1649614046221&pubcid=84f3dd19-3720-4393-aabc-28a7328996c5&aus=728x90%2C750x100%2C750x200%2C950x90%2C970x250%2C970x90%2C980x120%2C980x90%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C300x250%2C336x280&divids=ad_topslot%2Cad_leftslot%2Cad_rightslot%2Cad_btmslot&aucs=%252F23202586%252Fbabla%252Ftopslot%2C%252F23202586%252Fbabla%252Fleftslot%2C%252F23202586%252Fbabla%252Frightslot%2C%252F23202586%252Fbabla%252Fbtmslot&auid=540874654%2C541035810%2C540874653%2C540874649
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 65f8aa8e29a6672dc954c87f72557e86bf48a646abb7bf7cd542de46a632d36a

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.babla.co.id
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 173ms
131ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9694390178783c4ccf4165ed9f0295&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 96c883f1586c58d11af6b793b20290d2ec07d154a08b9f3d0636882466080bed

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 173ms
132ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9694390178783c4ccf41650d920279&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5a8135b028622082405eb7dfa7822247070514d5d68e21aebb9ce872afcedba8

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 148ms
107ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9699e70178783c43f94165106d0245&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3afe034ebfe61ce86fbb63b88908b9f689b0459837f48218acb394639bf5982f

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 114ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9699e70178783c43f941656fc20250&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7b21f09f9346124764660e065de2ec85a1184ae2a506f7fd1c9f5915be5ef86c

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

GET
H3 200 www-player.css
www.youtube.com/s/player/3b5d5649/ Frame CC4E 346 KB
46 KB 29ms
9ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47442
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame CC4E 278 KB
86 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 15:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87898
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 09 Apr 2023 15:54:03 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame CC4E 2 MB
525 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537836
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame CC4E 9 KB
3 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 01:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Apr 2023 01:09:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC4E 15 KB
16 KB 49ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 456561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 11:18:05 GMT

GET
H2 200 index-monitoring-b34f022.js Show response
cdn.pbstck.com/ 181 KB
50 KB 99ms
32ms XHR
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-b34f022.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f18c027f-eefb-48c2-b89a-f013e1828e06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b0da82a6ba44e4ca5e7531d5e1c17e6e96ab95408a799d93fb8dbb48a12ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 20481
x-guploader-uploadid: ADPycdv3FLPZcHhncmupoBmk7SbCysFS3S3TnEY6yYXLTbnG0SpuvK_hhOMjDOR6xR5y9vxEmvgAYTmeqssAeX5ZR5xABYIR0EYE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 13:38:57 GMT
server: cloudflare
etag: W/"70df9ac11f5713b7df84dc154d5b3451"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=PFjOEw==, md5=cN+awR9XE7ffhNwVTVs0UQ==
x-goog-generation: 1646228337450073
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 49916
cf-ray: 6f9d6c0e2e083750-MXP
expires: Sun, 17 Apr 2022 11:28:28 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 87ms
39ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99762
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx1693b6fd101542d288b74-00623993f5
x-amz-id-2: tx1693b6fd101542d288b74-00623993f5
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWiWkPW%2FJJKfQVT8EjPD%2FIfmi0%2BrlPz6iiCsFjtIOIQ92E7GAQRG9vn8OXYYxgNmf5jVnTx2kVyuyrYJTjLjLjwhSvQPCQV39iyDmUUjsPuMRg7%2Fvs1DkIFeXuqouAcWKtHkByXAokuJ%2F5hE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f9d6c0e0b6a3751-MXP
access-control-allow-headers: Authorization

POST
H2 200 ta Show response
www.babla.co.id/ax/dictionary/ 2 B
837 B 123ms
123ms XHR
text/html 2606:4700:20::681a:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babla.co.id/ax/dictionary/ta

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:809 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVjXVsWOnvBHo2ok69%2BuhjHVY6X19%2FpnMkIXdsZNqox4LErAAs4vm1gpCtAsMTx2sCH9MG5RrS8vtBwy8r5LoUk1dw6ko8stojd%2FJlCja88cDGT24bSs6DyNZGiQOz6pezowTu8TTP%2Bm1q9YUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f9d6c0e7fd93747-MXP
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CC4E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

32ms
15ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bac4dd25b0742c184218d62275bf628e290fef0aa57e91298b71d1287fdd5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 10 Apr 2022 18:07:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CC4E 29 B
588 B 47ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 17:53:11 GMT
x-content-type-options: nosniff
age: 855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Apr 2022 18:08:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 272ms
24ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 10 Apr 2022 18:07:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CC4E 45 KB
22 KB 38ms
22ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29847a07229f24dc5257e2acdc7cb313e5311febb957a26bdefe6695e8786653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22217
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame CC4E 119 KB
37 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37727
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
H2 200 s8EGneP7UUmAImXFT6e4tOuRTySRdivgljXd2wrnOoY.js Show response
www.google.com/js/th/ Frame CC4E 35 KB
14 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/s8EGneP7UUmAImXFT6e4tOuRTySRdivgljXd2wrnOoY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c1069de3fb5149802265c54fa7b8b4eb914f2491762be09635dddb0ae73a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 02:50:50 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame CC4E 27 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8162
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.babla.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.babla.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 517ms
516ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1399561068748672&correlator=2483546050169919&eid=31064685%2C31061165%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=23202586%2Cbabla_topslot%2Cbabla_leftslot%2Cbabla_rightslot%2Cbabla_btmslot&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C750x100%7C750x200%7C950x90%7C970x250%7C970x90%7C980x120%7C980x90%2C120x600%7C160x600%7C240x400%7C250x360%7C300x250%7C300x600%2C120x600%7C160x600%7C240x400%7C250x360%7C300x250%7C300x600%2C300x250%7C336x280&ifi=1&adks=4024796587%2C2437791816%2C1114375296%2C3620166985&sfv=1-0-38&ecs=20220410&fsapi=false&prev_scp=vp%3Dtop%26hp%3Dcenter%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D750x200%26hb_pb%3D0.00%26hb_adid%3D592a867b61ba979%26hb_bidder%3Dappnexus%7Cvp%3Dtop%26hp%3Dleft%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D609cbc7d7129c4c%26hb_bidder%3Dappnexus%7Cvp%3Dtop%26hp%3Dright%26sri%3D0%7Cvp%3Dbtm%26hp%3Dcenter%26sri%3D0&eri=5&cust_params=stack%3Dgam%26babla_l%3Did%26babla_pc%3Ddictionary%26babla_edc%3Denid%26babla_dc%3Denid%26sfr%3Dlab_dict_enid%26ad_group%3D1%26up_recovery%3Dfalse%26excl_cat%3Dwprod&sc=1&cookie_enabled=1&abxe=1&dt=1649614046650&dlt=1649614045814&idt=318&biw=1600&bih=1200&adxs=436%2C55%2C1245%2C870&adys=307%2C457%2C442%2C3149&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C300x0%7C300x0%7C300x0&msz=728x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C315%2C1600%2C1600&ga_vid=1152423371.1649614046&ga_sid=1649614047&ga_hid=847148642&ga_fc=true&btvi=0%7C0%7C0%7C1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ee7910036d06a5e48e65573b3c8ae2b8b69ef15cd57993bd72513312ec22c397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10812
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60F4 6 KB
4 KB 70ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:26 GMT
expires: Mon, 10 Apr 2023 18:07:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CC4E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSajIdz5aOWiTiBnNNOKL5lr5GIEYvGygNvpqO6KE8=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CC4E 3 KB
3 KB 37ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSajIdz5aOWiTiBnNNOKL5lr5GIEYvGygNvpqO6KE8=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b473636cb1c10eee2ec98ad0ce8493fc7dca9259d2ff6d0669495f98e1f5d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 16:06:17 GMT
x-content-type-options: nosniff
age: 7269
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3050
x-xss-protection: 0
server: fife
etag: "v684d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 15:40:48 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/qi059-CYUsA/ Frame CC4E 88 KB
88 KB 83ms
56ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qi059-CYUsA/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23404eb7e3ad034c4ae180b3e8b613120b47e99e9266f3dc35952c4f777c9877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90057
x-xss-protection: 0
server: sffe
etag: "1612993977"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 10 Apr 2022 20:07:26 GMT

POST
H2 204 page Show response
intake.pbstck.com/v1/intake/ 0
42 B 71ms
61ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/page?sId=fa44a47f&tId=f18c027f-eefb-48c2-b89a-f013e1828e06&c=1&ctr=DE
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f9d6c0fe9df3750-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK 12215260,12313284 Show response
ad.yieldlab.net/yp/ 2 B
757 B 32ms
32ms XHR
application/json 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/12215260,12313284?ts=1649614046689&json=true&ids=pubcid.org%3A84f3dd19-3720-4393-aabc-28a7328996c5&pubref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-132-239.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: de-DE
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 22
Expires: Sat, 09 Apr 2022 18:07:26 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
209ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a96989e0179791f18f52305a58d0027&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 52fa257bb139a1106d31ae133c4c77c78adbe8f00a9ff918af92fe3b94e6ee7f

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 171ms
171ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a969c6c0179791f18382305a7d00035&cmd=bid&secure=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 8f4b950f8fd71185e46b93313dac4915b86940bf6590c46c89f9afb0743aeb7f

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 35ms
35ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.babla.co.id
date: Sun, 10 Apr 2022 18:07:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 270ms
270ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=451339&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227057680e5f457d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22domain%22%3A%22babla.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22babla.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A12%2C%22msi%22%3A12%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227155c4a0f9a253%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22750x100%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22750x200%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Fextraslot_1%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fextraslot_1%22%7D%7D%2C%7B%22id%22%3A%2272c2a815800974c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22750x100%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22750x200%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F23202586%2Fbabla%2Fextraslot_2%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fextraslot_2%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2284f3dd19-3720-4393-aabc-28a7328996c5%22%7D%5D%7D%5D%7D%7D
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2ae8e549eed064907cb4814f5fe7ee0404da87c227567b7dc57a2d7ace83280b

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.36], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.babla.co.id
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Sun, 10 Apr 2022 18:07:26 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 100ms
99ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=451339&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227057680e5f457d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow%22%2C%22domain%22%3A%22babla.co.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22babla.co.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A2%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A2%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227155c4a0f9a253%22%2C%22ext%22%3A%7B%22siteID%22%3A%22451339%22%2C%22sid%22%3A%22300x250%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fextraslot_1%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22skip%22%3A0%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A2%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%2272c2a815800974c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22555367%22%2C%22sid%22%3A%22300x250%22%2C%22gpid%22%3A%22%2F23202586%2Fbabla%2Fextraslot_2%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22skip%22%3A0%2C%22playbackmethod%22%3A%5B2%5D%2C%22placement%22%3A2%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2284f3dd19-3720-4393-aabc-28a7328996c5%22%7D%5D%7D%5D%7D%7D
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2ae8e549eed064907cb4814f5fe7ee0404da87c227567b7dc57a2d7ace83280b

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.36], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.babla.co.id
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Sun, 10 Apr 2022 18:07:26 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
466 B 124ms
123ms XHR
application/json 52.29.60.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tmax=1300

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.60.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-60-125.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
accept-ch: sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 485 B
941 B 74ms
73ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1502230&size_id=15&alt_size_ids=2%2C16%2C39%2C40%2C221&p_pos=btf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fextraslot_1&tk_flint=pbjs_lite_v6.18.0&x_source.tid=ecd84073-2522-4ba4-96f4-d55cbb8c1aa0&l_pb_bid_id=77f0b606507b661&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fextraslot_1&slots=1&rand=0.30433542003503944
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c9ad7f6da0bf492d071ff8f1f7c864332ef41b90daa648b64d13b27179b13cca

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 485
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 485 B
941 B 72ms
72ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=2278406&size_id=15&alt_size_ids=2%2C16%2C39%2C40%2C221&p_pos=btf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fextraslot_1&tk_flint=pbjs_lite_v6.18.0&x_source.tid=ecd84073-2522-4ba4-96f4-d55cbb8c1aa0&l_pb_bid_id=78a3a07cee241e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fextraslot_1&slots=1&rand=0.9650855958705273
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5bd7e0b18dc509c68f0f2b619915b7c3cd834b9a66fe77d54d59573946214db7

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 485
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 485 B
941 B 69ms
69ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1673718&size_id=15&alt_size_ids=2%2C16%2C39%2C40%2C221&p_pos=btf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fextraslot_2&tk_flint=pbjs_lite_v6.18.0&x_source.tid=7a24074c-774d-40dc-860c-3f67aa30ace4&l_pb_bid_id=79a888e7f73d69d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fextraslot_2&slots=1&rand=0.5562443977712639
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3d36e36027a54196995b2658d0d31ac14f0543407722ece94106c2c7a6646d91

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 485
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 485 B
941 B 71ms
70ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=2278408&size_id=15&alt_size_ids=2%2C16%2C39%2C40%2C221&p_pos=btf&eid_pubcid.org=84f3dd19-3720-4393-aabc-28a7328996c5%5E1&rf=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.ref=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.page=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&tg_i.domain=babla.co.id&tg_i.pbadslot=%2F23202586%2Fbabla%2Fextraslot_2&tk_flint=pbjs_lite_v6.18.0&x_source.tid=7a24074c-774d-40dc-860c-3f67aa30ace4&l_pb_bid_id=8031ad90750a1da&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=2&p_gpid=%2F23202586%2Fbabla%2Fextraslot_2&slots=1&rand=0.7706747931135567
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93c4a575fb143c0fe4610139c46dd39ab46b460d2c2d177e07e08dc0e9d31da7

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 485
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
idm-d.openx.net/w/1.0/ 73 B
101 B 35ms
26ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idm-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ecd84073-2522-4ba4-96f4-d55cbb8c1aa0%2C7a24074c-774d-40dc-860c-3f67aa30ace4&nocache=1649614046700&pubcid=84f3dd19-3720-4393-aabc-28a7328996c5&aus=300x250%2C336x280%2C728x90%2C750x100%2C750x200%2C1x1%7C300x250%2C336x280%2C728x90%2C750x100%2C750x200%2C1x1&divids=ad_extraslot_1%2Cad_extraslot_2&aucs=%252F23202586%252Fbabla%252Fextraslot_1%2C%252F23202586%252Fbabla%252Fextraslot_2&auid=540922263%2C541044832
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: dafbbb391982070a41a5abadcdf64f9eb3662a8512e4bb29c2ecd928bf054625

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.babla.co.id
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
190 B 115ms
115ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 335885b94f8aacfe32d8ed64a18065321bc1c17570405e943eaf1ba2cb760ebd

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6f9d6c0ffc3d0f76-MXP
pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 47ms
46ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.18.0&cb=7104985095

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
248 B 220ms
109ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.babla.co.id
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 10 Apr 2022 18:07:26 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 59 KB
19 KB 231ms
231ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b4671c17ec3eb8b9ea6a7a419e026cff3ed8c2e7722c913331cfd01c603420e3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 10 Apr 2022 18:07:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e5ffd423-a94e-4a52-8141-f26622439d4a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.babla.co.id
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 47ms
46ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 127ms
127ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 28ms
28ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 153ms
153ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CC4E 4 KB
3 KB 56ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 18:07:26 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CC4E 0
9 B 22ms
11ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_deJjw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qi059-CYUsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qi059-CYUsA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame CC4E 52 KB
15 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 10:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 11 Apr 2022 10:57:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 46ms
21ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30dae716326d216db9ab33bab355e545f02f796cef3e1e41f360d68e7c450cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10515
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 18:07:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.babla.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.babla.co.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
35 KB 366ms
366ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1399561068748672&correlator=1881970820017419&eid=31064685%2C31061165%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=23202586%2Cbabla_extraslot&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C728x90%7C750x100%7C750x200%7C1x1%2C320x50%7C300x250%7C336x280%7C728x90%7C750x100%7C750x200%7C1x1&fluid=height%2Cheight&ifi=5&adks=2242229913%2C2242229912&sfv=1-0-38&ecs=20220410&fsapi=false&prev_scp=vp%3Dmid%26hp%3Dcenter%26si%3D1%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D750x100%26hb_pb%3D0.02%26hb_adid%3D101076ae74622564%26hb_bidder%3Dappnexus%7Cvp%3Dmid%26hp%3Dcenter%26si%3D2%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.08%26hb_adid%3D104b37f23263608f%26hb_bidder%3Dappnexus&eri=5&cust_params=stack%3Dgam%26babla_l%3Did%26babla_pc%3Ddictionary%26babla_edc%3Denid%26babla_dc%3Denid%26sfr%3Dlab_dict_enid%26ad_group%3D1%26up_recovery%3Dfalse%26excl_cat%3Dwprod&sc=1&cookie_enabled=1&abxe=1&dt=1649614046974&dlt=1649614045814&idt=318&biw=1600&bih=1200&adxs=370%2C370&adys=1621%2C2311&ucis=5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.babla.co.id%2Fbahasa-inggris-bahasa-indonesia%2Fprow&frm=20&vis=1&scr_x=0&scr_y=0&psz=860x0%7C860x0&msz=860x0%7C860x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1152423371.1649614046&ga_sid=1649614047&ga_hid=847148642&ga_fc=true&btvi=2%7C3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ecf9b4bf48c77d6534111361336c14bbd9336603f81c599ac66ca1fcb14f8136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35325
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.babla.co.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF02 13 KB
5 KB 43ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 17:52:16 GMT
expires: Mon, 10 Apr 2023 17:52:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C21 783 B
534 B 33ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe91292d7d03317a293bea03b44d2ecc433cb3e8d50baa923ac094422fef369d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bb4CuI8g8ubsrOpcp2R9XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-bb4CuI8g8ubsrOpcp2R9XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:27 GMT
expires: Sun, 10 Apr 2022 18:07:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CC4E 98 B
142 B 22ms
21ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca2f82d11226b1c690c54b4b88cb08d8b821ec8b97a8be96bb118b455d24396a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 17ms
17ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 10 Apr 2022 18:07:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C21 0
0 87ms
72ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040501&jk=1399561068748672&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js Show response
pagead2.googlesyndication.com/bg/ Frame FF02 35 KB
13 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 12:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 12:19:04 GMT

POST
H3 204 error Show response
intake.pbstck.com/v1/intake/ 0
224 B 190ms
82ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/error?sId=fa44a47f&tId=f18c027f-eefb-48c2-b89a-f013e1828e06&c=1&ctr=DE
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f9d6c134f2783b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF02 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Su_8sg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDEB 6 KB
3 KB 69ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:26 GMT
expires: Mon, 10 Apr 2023 18:07:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86D1 6 KB
3 KB 69ms
16ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:26 GMT
expires: Mon, 10 Apr 2023 18:07:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ 0
187 B 87ms
84ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=fa44a47f&tId=f18c027f-eefb-48c2-b89a-f013e1828e06&c=4&ctr=DE
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f9d6c134f2083b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDEB 0
0 47ms
47ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnWK13hxTYuSoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBPsBT9Cm075ma4yIaUcEgMyhaAjI7ZX0Hd2gu-yDh2ekrNdPD09i0MJLbYDXQ7hiY0zGbIjaIQ9YtX-g9Wa0WXhC3KhGMwukt5Jae0m1x6HDqlP7jGVsOHca2cwwwEXAxOPNTiRigMHSvKmC-TWjp2ZD_Kh6XJTk07Frj8r289E_XP0Xs6AOz5EWrpQxEZWJVMO8Iob9iu-KtXWKn6iB0ivhqNjjGDllsppO-79xEaTL2VkoOct3fC1NiQSp-WmiUG_WETFU9Ma-WSVKxKpQfw1efkzBrt0m4TuN0x__s_x_7Y4j2JRrHJ3GeMlJJ6c00BZj8fy88T3VhHUGyzTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0wMTc3ODk4NDE3MjY2OTU0GLLdHA&sigh=XWyaMwU31jg&uach_m=[UACH]&cid=CAQSPwCNIrLM4X-Z8tdgUy1Gm3_YqsuWtxu3iL1MV1koXL9wk0UuLCLDgahWWossM_Itof0LG-2aY-yNJ076QlQRChgB
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CDEB 0
0 70ms
21ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U_2jEuTTDsoH-gGdg2ICAgAAAHxT2JVOQ4RH9FjuoMpyq5YQ3hxTYi8Fg_WuYZNBy5yvABI&wp=YlMc3gAK1GQKd_mIAAG0RD6U4maNh4082iXbCw

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 294109
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AA17 47 KB
18 KB 71ms
30ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GQKd_mIAAG0RD6U4maNh4082iXbCw&u=%7CU3hRj9QATRfmw2DXnGdM%2BUGuTgutNi04X5KF9F%2FE3ug%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzf3765y_SwX21p3b2QoaQT9c7rlkzAXVy_1qCz-JXwUDerX97hIwH3z7j-sLQ6saFdYGmu_yTYIHvwUmj1CL8X_HOu3Y5A5TjXa8uQw21leLl-IgGcTKgvp2MesUOOgW8y5MLhd5XPxQR2UUmGHC7_XCnl_AC62JT-l00PABwWMnA6MyXKVAUEnkyhKL3qFMcid0knsp46M_BJWm2UJAgQMEqYG4hiBHAcCjfotdyM0QRuPDUFAWUvWAFhROHZy6RVP7aynKqgQXSBLgcNMBYoFT8VZgewwLM3TYHoRY9Qkv-UXAqrReYTZoPQmJih7yJV02oDUPCggxDdscmP4GcE7p4wMGDYDNf82QdkuqPUD1yNU3RJisPiBDq1fe8Bb5BA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNBhN3hxTYuSoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP4BT9Cm075ma4yIaUcEgMyhaAjI7ZX0Hd2gu-yDh2ekrNdPD09i0MJLbYDXQ7hiY0zGbIjaIQ9YtX-g9Wa0WXhC3KhGMwukt5Jae0m1x6HDqlP7jGVsOHca2cwwwEXAxOPNTiRigMHSvKmC-TWjp2ZD_Kh6XJTk07Frj8r289E_XP0Xs6AOz5EWrpQxEZWJVMO8Iob9iu-KtXWKn6iB0ivhqNjjGDllsppO-79xEaTL2VkoOct3fC1NiQSp-WmiUG_WETFU9Ma-WSVKxKpQfw1efkzBrt0mozmsQZhwL-_AcZqACKnN5JTScn9DCb-2ZN5eVw4D7xHNAd-C2Itio8HgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3JvVRoF3q7T0UmydKPTNZ6ORzwUw%26client%3Dca-pub-0177898417266954%26adurl%3D

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

88ac952f4677077d5c70b85d010b4dcead03c5540c0bce583d8fac27995b3af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SKMrIfyGqiWgeeHpQC9uUg8HX-hYx3kCaUz85v89k_NeLa303OuC0IgVRNu7LDl1jvzRTnEf4flBKavDPP-cCBWkcrDk-lrUQtxbchOrsP7ZcxlhW9XIXYsodwDW80CDgNpprmxfabWEzKNkD5JMUvRlg-27APv5g071LkBSVSR2DEKSuXrRv91DSLO4ojgxXigCjbgQiHdJh95oIird-ICUxtTsj490YtA9wDZ4yC8tT6gfkW-MV6i-agQJdrWXNOo4YA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5960921
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame CDEB 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 18:02:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDEB 119 KB
37 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 18:07:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame CDEB 15 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 17:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 17:33:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CDEB 0
0 18ms
17ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyKn2KhxXfpfxhfY1aruhPyUZ2PySepfzq5l6CzJX6j2m013X7vfJTP2-BIlqV4690RMp-TC4ba4wEjNTc-ZZUe5CUMQ
Requested by: Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CDEB 22 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 86D1 0
0 47ms
46ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD9Cb3hxTYuWoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBPwBT9CGwS8WsHRTUgb6UA33JUUJrA76hwYf0g7sHKcvs_RmRf-0QQtVGHnPgPq9YIQhtS7tuuVs0V9ioe7jLDjVxlRn01qry4_qvRmnWyxrwfaUYAEyqB_mdjfV3JON-y0B07-yApVrgYmitrtg6WkqtgIgFUqvZ7SDZNexc6YQhHS3jmASdiKxB3WMsmBElQ4dQSJ_R4ANE7RgklDzdg_tIHI9QO4aptuzpcTNKh7XQSA0plnCBryc_rdLK7X-TKk1fKD3PNaKMNM5FCZlNuutyl59mhYwHVORVaW5ZHLIE_jCdoT66_Um5_Eyb2503Nz41s8JeKNiFERoHDzz4AQBgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0wMTc3ODk4NDE3MjY2OTU0GLLdHA&sigh=k0SmQbk-e6o&uach_m=[UACH]&cid=CAQSPwCNIrLM4X-Z8tdgUy1Gm3_YqsuWtxu3iL1MV1koXL9wk0UuLCLDgahWWossM_Itof0LG-2aY-yNJ076QlQRChgB
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 86D1 0
0 63ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-b8EIWGBqwC2ASdg2ICAgAAAHxT2JVOQ4RH9FjuoMpyq5YQ3hxTYnayiKcPqlYfv7DVABI&wp=YlMc3gAK1GUKd_mIAAG0RBfz0hQRh2wlmOGGng

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 164176
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 123C 170 KB
53 KB 151ms
114ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GUKd_mIAAG0RBfz0hQRh2wlmOGGng&u=%7CU3hRj9QATRcp3sS8RRHgW5cBpKorj9E4GTGrxxmqazI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLqbjaxRXLWjqUlvF7jKunYYT-0NoXQF-fpWIMXrGb-HTNwsWhZCk8yj4hCFWFrIemsZjdGXQkZj5c-PKOq1vuYU9P4VyAINa9viSKuyxy2P-Oser_DK7EXNHeywyLtg1u9Hgd8773ByJ5Ewr6_8EC5sNjeEOePLHpvr6ZLM7bMZmCDxFaBiLse7c6LHlMvcyaYVp_Y0BYHuHJ6b6r56n6HYJC32mYOr3SdrGYDdHB6boqlH8GBP11WntWFDLoFgdBZvJLHv2kqCaG8qjQDCskMdPbvWhs4RLg14mj-QVXw1f9WwMi6qwY1E4S_a-ZxT7gbV46OGs0TLalkUmAlv8lYKT7n_chdO8frOAcHBHzA-B9gSMR-dToIoxX09eqPJKE03zibF03c0S&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMyIe3hxTYuWoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP8BT9CGwS8WsHRTUgb6UA33JUUJrA76hwYf0g7sHKcvs_RmRf-0QQtVGHnPgPq9YIQhtS7tuuVs0V9ioe7jLDjVxlRn01qry4_qvRmnWyxrwfaUYAEyqB_mdjfV3JON-y0B07-yApVrgYmitrtg6WkqtgIgFUqvZ7SDZNexc6YQhHS3jmASdiKxB3WMsmBElQ4dQSJ_R4ANE7RgklDzdg_tIHI9QO4aptuzpcTNKh7XQSA0plnCBryc_rdLK7X-TKk1fKD3PNaKMNM5FCZlNuutyl59mhYwHRGTdDc-6-7brGTW1VTHTQ0v8_uEZUBsXmgw62n7x71ODMHCmC9MEbyw4AQBgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bKvxKSHed7ySNgRd9FRSDRHqJZQ%26client%3Dca-pub-0177898417266954%26adurl%3D

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f868f655fe552d136d012a43236ee92440f5738f020f508d94ff7568e43c062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=P2-J6fyGqiWgeeHpgZr7_TziToPzKdtIdbJSkPNkQnAeZc-uw2dyFZR9x6Zu-jU9z6kRFa1jbn3VTdFfQ7SJE9e-ECNQfQrJTaICYfMf6tmbvGJJptsMI6iXLQevcLCvhN_k1ZPe_rj69eBY5G4k1RWLs9wOCLEhc2ZJ34B9evTqObZ48uTJio8M7locPxyKz6DmutVxBof9jMB9wbAnIhPlEAY_NBKjb94W5PAHfd6jThiwmedl5s8PV6kMWOEzrQU2RA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 97187205
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 86D1 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 18:02:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86D1 119 KB
36 KB 61ms
31ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 18:07:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 86D1 15 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 17:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 17:33:50 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 86D1 22 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame E608 222 KB
62 KB 67ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E608 16 KB
6 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E608 96 KB
29 KB 88ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E608 5 KB
2 KB 93ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E608 42 KB
13 KB 94ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 08 Apr 2022 11:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Apr 2023 11:36:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E608 4 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 18:07:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Apr 2022 18:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Apr 2022 18:07:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E608 4 KB
691 B 48ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 17:02:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Apr 2022 18:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Apr 2022 18:07:27 GMT

GET
H2 200 6399340375953754877
s0.2mdn.net/simgad/ Frame E608 83 KB
83 KB 41ms
14ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6399340375953754877

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c313697279d286cadf8c885a827f4c2e44ee4e99a5da6184a69871affe24499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 10:59:34 GMT
x-content-type-options: nosniff
age: 457673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84530
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:09:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 10:59:34 GMT

GET
H2 200 1002016824953198123
s0.2mdn.net/simgad/ Frame E608 7 KB
7 KB 40ms
13ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1002016824953198123

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 07:00:13 GMT
x-content-type-options: nosniff
age: 385634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6944
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 15:00:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Apr 2023 07:00:13 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame E608 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6yWlY1s9XUZJS2Rimn4jEgxWhZWeF4pt0ubStp0pqyqXfHNMePtWLeORd462jZgHg742r3yM9kad04HrTWQ3VAPJ5nigv7iQjj1Z9Dh2vZupLLkiyeH9XY5HrcbzDQt8Q0ws0OYDrWV5hhjZ42_sHH1Idkw&dbm_d=AKAmf-BNV19Ip1ERXfnxoM8M82-vOOwhP_U9A-H6J0zJpqd0ppml_w5c7MlX_KfMHN_XLN12I2hapX3TcGgWgbrLjKeBJ31Z_lRE_yl33TvSuINLIvOTxdz29zapW-_LBU_3tyW9KOIaK3K1uyZGiv1MKiJXENt-Z-2NXbhIJhbCU6klEezjpVdRpJE4FuBBRBwFIOEz1D2S6vRiX8pvOH5hoH_dEDu20cxOGV_zywDuyia1qH4Qpqr4vup0Ndc_3AwwCk3ZFaKIABT1LdegK2TbLjPe7nteeUM2UWHktnmeAIzCDV3byxl17oUgUxmRSh3k7x_v8hlsB4N8ztz3-ki0WMnVKFdnxgdu0YxyAzVmmC3OFH3YVs4UhIG6AM6Ti740tpFZshiHJ8BdzNGiyEYGE1sVJZSjxPyg1GygL-g34lq5Owt1Ie0TluP4sL4y40pfq9nUfniFv4sFNfJEpJ4cXVvohA104whC5n0AqcuSiewnkqYVK3vdu8DNFVxZLa-IuYYaC9y1iiV19yCmn2lqyHfpYVczyEfEgEAtdqNVRRwWwO_JhJ3FrO8bVMuxtKe4R1ERPX5MHwx6aBEiKTxzqP_Gg-MvoMVIXGFFxwlaobLRzMnNIdqjNF5XzCV97jGY_217atNCngzdXemRYEc8aR6M5j0OKpDoV0P8bz_OJwpi8xwt0aXoUzHUb2TmnPp00svKVnfrDDioeI16yNITX-rMtghffoNTUDR2LLFQIjRU13hUWSRVr0gB6G4uERDLnzh78NTZlyPUEZDrB9Mn8A1gJVnwLxRs-AHvLTWOeqrAJmTEAXm2Sy8tMmfzUfk2-khLqyZuZi4wgWkaVa38bFPDL4Bhmk0J7DvMSugzpXzBKqlk8EVeciIsyz_anSdxFjoyHWeOCT0lWUF7NDWnApM0_UG4t7R5uuxU5UHXDTDZC7MpTw1_v0_J5s3Yp8h3YnznriIWEfXV_7ODo682emYvkJCRyLoynSiVmIo8nZ_3qlb0av0iXFVV9c6P4CHxn5YHgeFOJnCGWEBz2_YEBv6hEAOQXTLyr53627jh9ViXaZbwFGOT-ztUNqYFYVd01RsVvRt9V23rUwo6k5jmAvUkRTF_h2489SWDhyZukAhzSehC0Q4CFjMb6EgmN23JzSJHrybwWa0s0wuHmIEJmpiFsogOjRJk4XvE8qhq5t0h9vkxc0sj3_-PVZ5bIoE6ePZqwT3Ilo8BDLhAlsIM6MpMO90qJp1ziKIxJK4dYGqe6uyol2At7sxTqrGoHYpiSSVo9IDZ9Lw7TlOk2396rhbNQMwfoslLlLW9qrErIkS1Nm88mTFZ_BB8yo5Cp_R9DW659O8i21jvdAgRcZ7d_qPn7GzdP52mUCd08PhShEDlJwcytCaNlVAf0yNEivNX7910q-NVM0o6U1tD6brPhWASMTGI-RzoLGTOb_sb_PNM55CV3fhH8W47xwpcxDJEnZ4cq78lnjoTJVktIPtvhDR4ljHEupX4DCEE7dyG_Wu5YPqeVUm5GWdvIFRRGjOmVw4DYUTC4IDCNpLmmpgkUqWb1Crqd3vFn8EwU-7pPydm8IawAsGp3oCizbgWx9qzP_OUkp3ktfKIqXRpJOWxgfTVA9mxAvZOuLS3CWbMnvX67U1IA-WGTB8YCKBcgtch-VMnhjLg-azC1H9zY6XfQA59Vfu-uDMzawlBJHKVDbJ-IaTjp_vtmdRixx9WXEFBVg_jOxcv4_AN7ZCyEiGxgGY-NlPLdhFsjp6ub3s3B_vzYYp-lHVeX4lcrsWbqIHACRAbbHisGK0E65ZFKAMpU9AWAnMMlsoS4my530fnBVWYp1B-0UHjWO2veZv3DkksbPQw76rNPwJ1eJNS7If1B0oI4E_4RmDnf_8daL63qrLPh6vVDD1uYZ8KtCvzyZIuE1xf8dt4gOJMe6mu_OCFQiIvTb6sU3rgbzY7g1EntOujUG80vpeMRT-d1Darujw39guUUfqcZsE3m2upsHdH-xM9WXB94xv-MK1z7F2RzmtHq5fOn7fcKNxU75AgG5mrnk0obJCQ9TA4Z3sEZ0LiOd39w7YREV12r5ZKkk8nJ9cqrPK93OYKkQ-EA-U8rmAazrAj-D3BhBcyTRpytuq7RTIwKqf0QdszctGSRyfb5o1saLY2EliNuKNq5yfTz13D5fRPrIyvZBh8B_2N8A8z9yGRt2VXxsCYFOmybM4eyY5qi4KDWtWwGdWOtINOuzOmVpg2GCT1NQ1b9Hc7SFHT9fWWsEupEpLtu4cIQPtQAFTToA_1SXBOv4nBB1yGCDjTv26Jc8JdNmlfFAV1XZitqfcpHOO08FoEjBAFIpZdwGqp8Orpze-9-kltDCXQSFxoZaTrO8fnfQPI7b1cOuJE7EsG6bZHg7A7WC5TxMIV_egcvLrY7IE5F59xOOthzov0y-ZK6YHwHwVibq5xftGe16yTkSwGkrpV9c9dLnG4hZGU6wiqLW_UcxmnO1vJhYC2rO0KOOexXSpQoOJJmNrewxvTb3ry8q-iaWIFfupttjW57qxN-izBidNgWQ5J-a37ydQDEWQp_crkUJfXYiUxtq0WrJBP_yl9CBeqPrwy-jB9Af2n1TizSYOazVtHNCB0iOyEs_UU5K1hi_uAgLkd2eeAH0Ct-e_Cp8S2UehNZ-9MLCiA-ADGP5vXQpBIEF0RKJiejAshzLUlKm9CYZbQT2_eHP1JTPFXNFzQPphAP5iCyzb22CZrmcLvkGEkxF2mRhfAsJu0msn9VJbeVIA1u9yxzuYoc-38TGTk5vH0Cc4Kg2b1BZIplDOcR4QCCOOQTXqnXNrXu5Ls75xwl58k1OxH5xH6H1CDaoqYbjrmTNqaVuv4vuP3iCK0NGQrrdwX6e4hYeCix_ORZgku7u4aPPyP9spt5Ys3n9FIfu_P-c-WXuS6w8XpSOHnChVQu9RjYbQJXNwmXc-P7t6-IhhFTgIr51WodOCjoZK4KV3_vKFHf2nOZ8H7URdlhszkUIv3pVLVXdku7mYO3qmWEnQq7S9BbUPQ6nhll78nHuZ4bn27v2HJXYKDFFmJ9EoIqxtwmYMAxrDg&cid=CAQSPwCNIrLM5rZm4C9L2ThC63u0Pr9J7kAvAvx8YKtRKyyemr_Z_PiB6zrvk3FoVVQ0PvpJU1FpLTCwZb9w53YLMhgB

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame E608
Redirect Chain

https://as.ad4m.at/ad/tai?a=158504&b=3&c=3&d=1&e=775&f=&g=dbmnat_Pros_Allnet&gdpr=&gdpr_consent=&gdpr_pd=
https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022041020072766961572769X117667V1225131106MSviewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros...

49 B
1 KB

169ms
20ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022041020072766961572769X117667V1225131106MSviewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:27 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022041020072766961572769X117667V1225131106MSviewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet
date: Sun, 10 Apr 2022 18:07:27 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E608 0
0 46ms
43ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGNHO3xxTYpOuAZXQ3gOI4ZzgBsip9_ZnxMzw-aEN8C4QASDr888cYJXaiIKYB8gBBqkCmEiUPDw_sj6oAwGqBNgBT9BZHPD_0nQuejCPGWsRYpcJ4jhHdO_fm4bEx5r5JBKHi1RxnGeUGTqeszaGGcT5m-nVN6QVL_8eCNMxMAIc9fkGVxRxNNtblQUa-4_EZdXZLveNNgFw-cunbaiUcLk2qHiDl33eCAkTI2lW0GK--64upiiyJTAMHxtGmRywHsErdkqAKUqmPHLSt9zCU0amsnBWu9FZfyYtbP3h_BYgfs19PbW6pZ8luZ3bbMgftBLd2xJoGzKBaq6_ilfoKIpAqFO3Bp1YtR62grsfPvGpPwz_54ojh2R9wATRvszopQPgBAOIBerLrdQrkgUGCAMQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAf5v5hiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ4_gLGJr7ppcB0ggJCIjhgBAQARgdgAoDyAsBsBORweQKyBOi2pUJ0BMA2BMDiBQL2BQB0BUBgBcBshceChwIABIUcHViLTAxNzc4OTg0MTcyNjY5NTQYst0c&sigh=RPGk45mZAQg&uach_m=[UACH]&cid=CAQSPwCNIrLM5rZm4C9L2ThC63u0Pr9J7kAvAvx8YKtRKyyemr_Z_PiB6zrvk3FoVVQ0PvpJU1FpLTCwZb9w53YLMhgB&template_id=509&vt=10
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame E608 0
0 18ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRIAEfpoNcDZt5HgrKPjgO868fbqFo8v-4LDeuVBFOpMGX9Gh7jbkYKeyt_SzpZSh4YIb0IuS4A3U8u2hR-CZN_gi44Q
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E608 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 02:06:02 GMT
x-content-type-options: nosniff
server: cafe
age: 57685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 12948112503563494795
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Mon, 11 Apr 2022 02:06:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E608 344 B
368 B 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 4102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Apr 2022 16:59:05 GMT

GET
H3 200 container.html Show response
b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC6D 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:26 GMT
expires: Mon, 10 Apr 2023 18:07:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AA17 2 KB
1 KB 69ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GQKd_mIAAG0RD6U4maNh4082iXbCw&u=%7CU3hRj9QATRfmw2DXnGdM%2BUGuTgutNi04X5KF9F%2FE3ug%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzf3765y_SwX21p3b2QoaQT9c7rlkzAXVy_1qCz-JXwUDerX97hIwH3z7j-sLQ6saFdYGmu_yTYIHvwUmj1CL8X_HOu3Y5A5TjXa8uQw21leLl-IgGcTKgvp2MesUOOgW8y5MLhd5XPxQR2UUmGHC7_XCnl_AC62JT-l00PABwWMnA6MyXKVAUEnkyhKL3qFMcid0knsp46M_BJWm2UJAgQMEqYG4hiBHAcCjfotdyM0QRuPDUFAWUvWAFhROHZy6RVP7aynKqgQXSBLgcNMBYoFT8VZgewwLM3TYHoRY9Qkv-UXAqrReYTZoPQmJih7yJV02oDUPCggxDdscmP4GcE7p4wMGDYDNf82QdkuqPUD1yNU3RJisPiBDq1fe8Bb5BA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNBhN3hxTYuSoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP4BT9Cm075ma4yIaUcEgMyhaAjI7ZX0Hd2gu-yDh2ekrNdPD09i0MJLbYDXQ7hiY0zGbIjaIQ9YtX-g9Wa0WXhC3KhGMwukt5Jae0m1x6HDqlP7jGVsOHca2cwwwEXAxOPNTiRigMHSvKmC-TWjp2ZD_Kh6XJTk07Frj8r289E_XP0Xs6AOz5EWrpQxEZWJVMO8Iob9iu-KtXWKn6iB0ivhqNjjGDllsppO-79xEaTL2VkoOct3fC1NiQSp-WmiUG_WETFU9Ma-WSVKxKpQfw1efkzBrt0mozmsQZhwL-_AcZqACKnN5JTScn9DCb-2ZN5eVw4D7xHNAd-C2Itio8HgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3JvVRoF3q7T0UmydKPTNZ6ORzwUw%26client%3Dca-pub-0177898417266954%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AA17 2 KB
1 KB 143ms
96ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AA17 308 B
636 B 95ms
93ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame AA17 507 B
835 B 23ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame AA17 43 B
348 B 63ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Oc74N223uP5swDh-p6FU35bxopPYpueJKFUthtXwzH5KsAANT5tGZ5rIWveUVbkDNW7sSB4RY1hZn7FmEZZ7_YMSPZuCipItVggaZRNF54lZ7b2O5Z1_QArq_3VsAPf0rftVIaOCJ_epoJhUCkIFBry5bppKMenJa4WeC9sefrfMtjvP5TkI5wNBy580zm82B4qs_Ir0syrb-4cDJ9fBEsuOsaWI-sY-q1HFK74oxvtNAYKZZUp2LKDC_skQb29ZJbDpDFKYJxBzxuplI9AZakQNbGLgJDGKGqHXcVoY9fhCd6G5bZ-H_IobQELImfta31GgmP2IGFuD6wWaooPtxjUFY0GqiU99CRbwc2T8RQ3-Kns1CjlMGH2eb_WD1uGXVjSejyowIAhKGEZY41sF9j_rWV6Ew3kuZrHJhfHMLmOQqg0yr8YPTMahT6Mr4pkZgtFaoQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2885406
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3549715bb9944266b21b12a1e7099fc5_image_ad_970x250.jpeg
static.criteo.net/design/dt/90764/220105/ Frame AA17 143 KB
144 KB 24ms
21ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/3549715bb9944266b21b12a1e7099fc5_image_ad_970x250.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

51746c69166c0b6c44f2a8972300355b814e2eed534f46c298f039811b4e79e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-23cfc"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 146684
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
DATA 200
OK truncated
/ Frame CDEB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4108d70cc83a90264f30fae9e48c641a25a975d53f89e49582dac8f5fd721a44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E608 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cae37d6505ee302ed02a4087fc5240ba8b8ef7b81b2c521fd949c5fa8ca32b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E608 15 KB
15 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=id

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.babla.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 428858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E608 16 KB
16 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=id

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.babla.co.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 390849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 05:33:18 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame FC6D 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 18:05:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FC6D 8 KB
714 B 45ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 16:53:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 10 Apr 2022 18:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Apr 2022 18:07:27 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame FC6D 14 KB
3 KB 59ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.css

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 12:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 12:45:03 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame FC6D 347 KB
120 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 11:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122269
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 11:56:25 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame FC6D 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 18:04:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC6D 0
0 17ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8dRD2JUohp_m_Jq-qpb_TRdG4bszXZNAXxmMjpjVORkSKSaWoMMIEdVFcWngHKusUP8jVPtqTNBAIw3MvpSTurer8XQ
Requested by: Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 86D1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc586e860303804646bbb646aa78446b8964622bac883441dc0a8aed3eb30de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame AA17 0
128 B 48ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=SKMrIfyGqiWgeeHpQC9uUg8HX-hYx3kCaUz85v89k_NeLa303OuC0IgVRNu7LDl1jvzRTnEf4flBKavDPP-cCBWkcrDk-lrUQtxbchOrsP7ZcxlhW9XIXYsodwDW80CDgNpprmxfabWEzKNkD5JMUvRlg-27APv5g071LkBSVSR2DEKSuXrRv91DSLO4ojgxXigCjbgQiHdJh95oIird-ICUxtTsj490YtA9wDZ4yC8tT6gfkW-MV6i-agQJdrWXNOo4YA&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:27 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AA17 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AA17 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Apr 2022 18:07:27 GMT

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ 0
187 B 75ms
75ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=fa44a47f&tId=f18c027f-eefb-48c2-b89a-f013e1828e06&c=2&ctr=DE
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f9d6c157ca783b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 123C 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GUKd_mIAAG0RBfz0hQRh2wlmOGGng&u=%7CU3hRj9QATRcp3sS8RRHgW5cBpKorj9E4GTGrxxmqazI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLqbjaxRXLWjqUlvF7jKunYYT-0NoXQF-fpWIMXrGb-HTNwsWhZCk8yj4hCFWFrIemsZjdGXQkZj5c-PKOq1vuYU9P4VyAINa9viSKuyxy2P-Oser_DK7EXNHeywyLtg1u9Hgd8773ByJ5Ewr6_8EC5sNjeEOePLHpvr6ZLM7bMZmCDxFaBiLse7c6LHlMvcyaYVp_Y0BYHuHJ6b6r56n6HYJC32mYOr3SdrGYDdHB6boqlH8GBP11WntWFDLoFgdBZvJLHv2kqCaG8qjQDCskMdPbvWhs4RLg14mj-QVXw1f9WwMi6qwY1E4S_a-ZxT7gbV46OGs0TLalkUmAlv8lYKT7n_chdO8frOAcHBHzA-B9gSMR-dToIoxX09eqPJKE03zibF03c0S&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMyIe3hxTYuWoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP8BT9CGwS8WsHRTUgb6UA33JUUJrA76hwYf0g7sHKcvs_RmRf-0QQtVGHnPgPq9YIQhtS7tuuVs0V9ioe7jLDjVxlRn01qry4_qvRmnWyxrwfaUYAEyqB_mdjfV3JON-y0B07-yApVrgYmitrtg6WkqtgIgFUqvZ7SDZNexc6YQhHS3jmASdiKxB3WMsmBElQ4dQSJ_R4ANE7RgklDzdg_tIHI9QO4aptuzpcTNKh7XQSA0plnCBryc_rdLK7X-TKk1fKD3PNaKMNM5FCZlNuutyl59mhYwHRGTdDc-6-7brGTW1VTHTQ0v8_uEZUBsXmgw62n7x71ODMHCmC9MEbyw4AQBgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bKvxKSHed7ySNgRd9FRSDRHqJZQ%26client%3Dca-pub-0177898417266954%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 123C 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 123C 308 B
636 B 68ms
67ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 123C 507 B
835 B 67ms
66ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 123C 0
689 B 452ms
382ms Image
text/plain 2600:9000:223c:c000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1649614046
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlMc3gAK1GUKd_mIAAG0RBfz0hQRh2wlmOGGng&u=%7CU3hRj9QATRcp3sS8RRHgW5cBpKorj9E4GTGrxxmqazI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLqbjaxRXLWjqUlvF7jKunYYT-0NoXQF-fpWIMXrGb-HTNwsWhZCk8yj4hCFWFrIemsZjdGXQkZj5c-PKOq1vuYU9P4VyAINa9viSKuyxy2P-Oser_DK7EXNHeywyLtg1u9Hgd8773ByJ5Ewr6_8EC5sNjeEOePLHpvr6ZLM7bMZmCDxFaBiLse7c6LHlMvcyaYVp_Y0BYHuHJ6b6r56n6HYJC32mYOr3SdrGYDdHB6boqlH8GBP11WntWFDLoFgdBZvJLHv2kqCaG8qjQDCskMdPbvWhs4RLg14mj-QVXw1f9WwMi6qwY1E4S_a-ZxT7gbV46OGs0TLalkUmAlv8lYKT7n_chdO8frOAcHBHzA-B9gSMR-dToIoxX09eqPJKE03zibF03c0S&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMyIe3hxTYuWoK4jz3wPE6IZAyZ7SsVzVnZH3cMCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0wMTc3ODk4NDE3MjY2OTU0oAHVttLqA8gBCakCmEiUPDw_sj7gAgCoAwGqBP8BT9CGwS8WsHRTUgb6UA33JUUJrA76hwYf0g7sHKcvs_RmRf-0QQtVGHnPgPq9YIQhtS7tuuVs0V9ioe7jLDjVxlRn01qry4_qvRmnWyxrwfaUYAEyqB_mdjfV3JON-y0B07-yApVrgYmitrtg6WkqtgIgFUqvZ7SDZNexc6YQhHS3jmASdiKxB3WMsmBElQ4dQSJ_R4ANE7RgklDzdg_tIHI9QO4aptuzpcTNKh7XQSA0plnCBryc_rdLK7X-TKk1fKD3PNaKMNM5FCZlNuutyl59mhYwHRGTdDc-6-7brGTW1VTHTQ0v8_uEZUBsXmgw62n7x71ODMHCmC9MEbyw4AQBgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bKvxKSHed7ySNgRd9FRSDRHqJZQ%26client%3Dca-pub-0177898417266954%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:27 GMT
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: hVNMvw1kH2e-OsUBSqpdv1Y5Fy9Hvfr4Q286yXy4wvnyEO_psI_hgg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 123C 43 B
347 B 20ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=y1xOCUfi9PLS8ZGZPOGEjURZkubqnuIWyoGBE-CPI82-bE7oX27Ja2BNSeZOs4FfVcq-4k2dmYJQarSa9O939ltPm3xDBX3lileNT06-MXxoxP4TB1EckYy5lW7IsLvgL98LIFF5mDHzJQZeK_Yj9u-5A8QUmZlrYTAyT2B1_AYJvFgjmqyYZfApnvVfB42ZaMA6IrbTpKDXwfak7s9uFuF05_gwRQXctsWjKzhWZxOJB-1fwGEmW1R4VJjekTbXDMlHJLdynsz1NpzW_8m9xtMKNohfSSmZFg0q8nlgtsvq5JlX2iqvJVPIMx0-htNdsKQY7rj3OMzvHjqSwbzYG08ta0nfmOyrGfcGyFyijFxvPRAclLoG4atdZvCqYAop1psyYDRIzou_j8SZp3ek1lsexoz4vzveoGeh3aythdSQ1snV0hCuKsGFA51buiL5X8KsuA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:26 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3507984
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E608
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

1999ms
1999ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.babla.co.id
URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Sun, 10 Apr 2022 18:07:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame FC6D 0
327 B 500ms
180ms Ping
image/gif 2607:f8b0:4023:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l1tlm1dr&c=158113962481&slotId=79056981240.5&qqid=CNSZqJqLivcCFRWodwodiDAHbA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:c0b::78 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FC6D 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 424772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FC6D 15 KB
15 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 428858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC6D 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ck7Ar3xxTYpSuAZXQ3gOI4ZzgBrzwzo1p7o340eYPsLqg-eYvEAEg6_PPHGCV2oiCmAfIAQWpAphIlDw8P7I-qAMByAObBKoE5QFP0KJAhm_WHX4WphjQwkQp8flr2Zzbwc_k-tjEhN3lmNsnLOyIz75ttQ_BSBltcAV2aS3Jg8Cwbsfa_FKWTIvPZSZIulg_OgCDWtXTkM4U1lpHJKQudtJdtkz4ZjCSO-E-E4quSFa7GlWnojzZGs01LL44EyzqHl92PxSVhDMRNA-qhVC4BYImHUH-JWN0GcXqX1q8y2SVuSJyrOHEcQlreOBXazcbmay_mragTskiada07I1ukSMtxN2PEE66sKn5A6afEIOvh_JoLKfIjitQ14RYU6qAniqyA8ah7-1VIvpzjPaqwAS57J-57QPgBAOQBgGgBnaAB77uxjmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE4uDzQ7IE4a3198D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1649614047638&ai=Ck7Ar3xxTYpSuAZXQ3gOI4ZzgBrzwzo1p7o340eYPsLqg-eYvEAEg6_PPHGCV2oiCmAfIAQWpAphIlDw8P7I-qAMByAObBKoE5QFP0KJAhm_WHX4WphjQwkQp8flr2Zzbwc_k-tjEhN3lmNsnLOyIz75ttQ_BSBltcAV2aS3Jg8Cwbsfa_FKWTIvPZSZIulg_OgCDWtXTkM4U1lpHJKQudtJdtkz4ZjCSO-E-E4quSFa7GlWnojzZGs01LL44EyzqHl92PxSVhDMRNA-qhVC4BYImHUH-JWN0GcXqX1q8y2SVuSJyrOHEcQlreOBXazcbmay_mragTskiada07I1ukSMtxN2PEE66sKn5A6afEIOvh_JoLKfIjitQ14RYU6qAniqyA8ah7-1VIvpzjPaqwAS57J-57QPgBAOQBgGgBnaAB77uxjmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE4uDzQ7IE4a3198D0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FC6D 29 KB
16 KB 213ms
55ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CBXi3RIj7t6e26RqHmGHk_Xde3PqLUVTep-624hOLTpeMUTPs5O-hO6v3E72Dh1dmZ_M6mdWDyhNvMxCiYcT87rmPaIg&cry=1&dbm_d=AKAmf-B-wRUVJ9Md9vP4o9gf859xbE9WJVy28pA9XQ6H7Wxz5C2UnkJnT-LAVDydUiJFbgcZvjYr44Ghic5OZEEKOPhFgXG0NhZwVbgKCsd-c4Fkh4VyqamHouIQeG3peEBOKzKLi4bQ94ZYO0-sZudYp4zorWVX39-pfeSgoq8oZ545OaxIHLTH_BF9OmH1CvNZoDrZZrTMtUqpRFmuvveiGtte2FV3cLZVEKs53UC1Fj_HX3PKWoVyTXXkFGWBA4Ba3tP4VP-iFi5hTpTuu5PvGD1NoOp5z33N5Z4uXL89W8tM_-5K4uPRHcL6pqCU5Lefy23sEGI9v6PPeu6VBRlkKekUnrj0XkkT6st2uSCrpOf5GZDXJX_l5eoW2QoT0U_k31udJQg1xv6gaL3oPBhiYbk6Wpkg5Pc7sm1_NwxjER9kz2dbHfV0wQor84LVg76-ZeuE1fqiHvnBP9iHCXphAsMna05OjAqAxY_wN0AGQRa9j2ClcQzVlf7GJ6Q6jvMj4ZTp_8pDsOB3kewjHp_v9XDVrJhP45xODR52FAqYPWa7fXV82u3s4PceCHhrbkMeRs4XekgV6_VsPIu7Dt_BgTDy_Ez__lUckYthg2hXPXByJ00_VBcZXcXYc6FcIeTplNKYVP_TbDV-_6HrvY4ONaSHNMnPeS7hmLDwPOjZ_t_uavfI5gyvlBDOzh6-_fO-cEf4hHFXrCH_DsXb3r5Qe3vnrr-rhNq0CdkcVfLCH4K2unaWegTgsPU2oEABkn5H--DsfR1z3F7dfz1YG-3dWvfqR0A3UYN2Cnwfvi6oGgYy6jmrGg6vs4hAIXeOa2Rm5d7CqJUCAJtsUKwdbjgJgEyxmQJfd1WGZF62Zs6ihzRgsCRC8bzUyOL9cDZyWCbam-c9n4rz6QAmJ_csXw3tccZ-F8S8qEFIC5stRW12zwH5TB9uPTWxjClb_ujuV2Gc2jAzQTog6N03wGMLS2sWmZbPiCGOEmuWavK5W1NGEE9JyNrCmDIAIeCVMSQVFzSwEkCMg-D-jhmojZM_2TC7IrvmOIGVfxrEIb6iI1zUBeMnP1PSGvzMIm9xYh-Hx4aBV6q8NyuTTs4VWx7QqM6ysZB0CMP7jX78eBrp6_jdErUHuaW7cwFEOdSCxCF8FAKINPUppn8b4BTYYWWazKoDUi-gqRni2xIJIhK1WAmEZ5vQ4DELOgLnMKGMxYyKTqFRT8q6kfKT5qXnIYwgcXNSq0wP0-145jP3gT2Tb8UFp3Z24EBP9WUKOgJcGsTri7Ve0Gao54vKi8GCUC7PTK7nmalt6v-DkNvzVEiZdsVncZOcn8imWozGGgZ3LuMaXK7lTVlhru6AcAC0MHHhms14bK9hUxMwc_H2_EYy9g_CH5gddFgx9GE_D-ICblOOZ_aL-N1YJ8p_luhaPdFC_xtBbyJDXpGaWQw7hQ40KPyoh-kAY1eCBbJLUl4ncqwhuiLeUdlEyAGwNthL-62iQr7PehQg4sju8zg7J4_9iRZBtyOR4wmVw18nLCsPwCswGtvEdAzmVdzxCTHta2EVnESMhFMpefGhlIEXsvIGJbWzv3QenoFKp4Aycz1hkhbj3n20uG5TJ87ORLW1EaTiiM1xiCMQ5IauEbB2YoWmW0zyAVQQ1FGOgCcmfwzHlPqRtKB_a0tVzN5MLjFaGInBHAga1hpHc5rGnZ52ROH2rHZsYJBl4gmOgp2_DIkAIYrYLVm_ki5wWiGgIY5OI3_oxWjrblJBenxa00qIqDBKyRei-2tutx1chdLUbo-o57jNS9p6G_EjaksNeaa3u108obLTvuXxkciXPGNbk_R5cV-upQ14cNmzfJ_ft2WZ4Q_j9Q77_cVeVn0n-eOH9c1RHOMgT27VtzzlqujUK1gnQGaD9vTvid7lCtwD_auUNiZHnN-wDkh4GYDP-05bVrk-OX6rl9mwMYXMpvp5mhZ2u-_LMSEVWlw8liN29fI05DmZ3NgkmtAkyfjXBVLx3k90yiHooeEVfQ0bHCwc62RCYYKZSSekV3GaiqEYHOsAml68gNm1Wk9H-zEXEcJSoj42QCEJQCOT0EW0aao3WrbihgSjnr2vgflwh31vHpTSPlEULyp1nF3J2kPh5ChWeTp1nJY_mckHWkZseHI9DDMki4TYAdmSIjRJ1wllnhSdQrkyKBlXHnVfaoHxLUKJL1mUb-wCwWhAjjqz52dRs9sNZAM9glDv-m0VwpP9LalaD42I2RU1O-ffvg1SG8TD3Sb6VgnBq4si4iIS4-eyNlit4UtvacKPOImCnJUEIc2_ulH0mT9qM8Hd_FCrX7TzKiFL9oqUDSQ7vFa-WfenxQyE_Hy5X8GBpMVQLJJPCapg4VECAkX9edf87H-0K8Jo0hO74kAZ2jvPHU24v57B4jyv_ii1-GTfJ2Dl84XSGPZJrpPszu5eAUM8fyGttkInKNVL0JcDhDbI0xEX3WmgN3mcMQAmqoVjm1eKTVDZ1R7SewJ8QZcZzjdKXIHg3llaPrnKzob0JwYmx9ssF4Xa-mpVJfG0bPU2TWDOftqN3rEqew47SIdsWLsy9oSDWG9V9shnM5cqNQhHyu90XnxabOGhfr56oAridXEQdw7wv42w0HhqtcfE84GWO9Ku6bvL2Lt08hQWJvP720VTMIYvUXudS8UIKHQx2I0SHySiSOLWpjuqzoEsDYi-RUMh24my5J7eLEbPBI1FLdHthO6xg4BJJvt7W2x6-CG0XUNTEIPG5Tyv2PdV8xetDWOKNpA2lN3IesNO7n8fPvoF8Y84BDXTpSKoAOW_tpFa00mWP7geeSCJqryeFQi-QiwOCdhdwSH6RZYzLW4Y2DJto5Dtw0Xz6BdO1A0gFsLe-uBOoEq4bv6Is3GfKkJ3Tn8_KUFQ58bI6460k0ee1oza3sACYf7NC7Q78mjnThNmNd_V5ikw_lYupFDdmpLPXHZ1mFZoCLxk_N2CZybQBL9N3sXtI80PZL2ZDHP9BZVCB_r9SYphGuFDC9z0wjGwcMl8UQD_Kvnz4o7a30hezdZ9LvNzH_MrJAhmBIqJzryJmD1aKnzKPosiVNFIaYLzgBc2WOwdkDpXsZG5yc79ajj3yVKKVjj6BwDyDxQfMmIWyYrUgLM0O7keCehCwNELp1ZCRkuSJHnXPYxpxPMsWtREyV53rXKSnxPxk-1LAYKpHjzVT3pXnYBmRJlIZBkdoHu_uM3d96slVnM3Gl6D0V4REsyqsHTRWYyx1xaX193OA4q6OPVCMmvr4etqwOuPkiDnnWzXFonyuyvHfkElRCSxyZH4MlPinP1rjbiF9nJ4xYKeimbteqNXn80-ni3d1DBd1n2Jeol2jckrRcXVZTIQ3A&cid=CAQSPwCNIrLM5rZm4C9L2ThC63u0Pr9J7kAvAvx8YKtRKyyemr_Z_PiB6zrvk3FoVVQ0PvpJU1FpLTCwZb9w53YLMhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

ec0c60afc28872f80e1c7913acede273da1a12dd997c84d8d2171f7592b7e669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15497
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FC6D 0
0 52ms
51ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxzsA3xxTYpSuAZXQ3gOI4ZzgBrzwzo1p7o340eYPsLqg-eYvEAEg6_PPHGCV2oiCmAfIAQWpAphIlDw8P7I-qAMBqgTiAU_QokCGb9YdfhamGNDCRCnx-WvZnNvBz-T62MSE3eWY2ycs7IjPvm21D8FIGW1wBXZpLcmDwLBux9r8UpZMi89lJki6WD86AINa1dOQzhTWWkckpC520l22TPhmMJI74T4Tiq5IVrsaVaeiPNkazTUsvjgTLOoeX3Y_FJWEMxE0D6qFULgFgiYdQf4lY3QZxepfWrzLZJW5InKs4cRxCWt44FdrNxuZ9L44qqh0XxD7TxAgjOtdY49KrSGeEQRz9kfor4MaIKWu6rKfMbggh_rBqkCmDlvBlFOp0I33dsT2-_bABLnsn7ntA-AEA4gFl4Pz5T2SBQYIAxACGAGSBQ0IIhACGAFIy9-1AVABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe-7sY5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQpdESGKnzt8UB0ggJCIjhgBAQARgdgAoDyAsBsBOLg80OyBOGt9ffA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi0wMTc3ODk4NDE3MjY2OTU0GLLdHA&sigh=F7pfRk3gVkc&uach_m=[UACH]&cid=CAQSPwCNIrLM5rZm4C9L2ThC63u0Pr9J7kAvAvx8YKtRKyyemr_Z_PiB6zrvk3FoVVQ0PvpJU1FpLTCwZb9w53YLMhgB&vt=10
Requested by: Host: b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
URL: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame FC6D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcdfa745524b4790813ec4717c8574a093613c420a28f5d11b5b32e54333eff0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9395 13 KB
5 KB 60ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.babla.co.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5136
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:27 GMT
server-processing-duration-in-ticks: 2127
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 77ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Apr 2022 18:07:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 123C 12 KB
6 KB 39ms
38ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 16 KB
16 KB 86ms
27ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=VmpB6zKqWSQPc8u3HQtDjREj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29403315
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16600
expires: Fri, 17 Mar 2023 01:42:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 400 B
663 B 72ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=674633
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Mon, 18 Apr 2022 13:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
3 KB 86ms
28ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoRheinmetall-Group-1262DE-2101221907.gif%3Feb%3D1&v=3&w=400&s=TW6-M6NoE1cuB36irgUkZ_Qy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
2 KB 98ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=601383
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sun, 17 Apr 2022 17:10:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
2 KB 97ms
40ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoThe-Mobility-House-GmbH-103450DE.gif%3Feb%3D1&v=3&w=400&s=AH87TP1wnWBBdHFFGwxlGYA9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

55a02ab754d765f46e57344f575a204b5110b18917ef191de652cedeea207a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1335854
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2192
expires: Tue, 26 Apr 2022 05:11:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
2 KB 99ms
42ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoLG-Energy-Solution-Europe-GmbH-256066DE-2101141527.gif%3Feb%3D1&v=3&w=400&s=liBQ_tHuOCA6Gb1ZV0a158CO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9862fa0fb562eaf7a5554ce74784648df6b52dc85b5d22f56dc7e4a21420a5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2211890
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1708
expires: Fri, 06 May 2022 08:32:18 GMT

GET
H2 404 img
pix.eu.criteo.net/img/ Frame 123C 43 B
243 B 28ms
26ms Image
image/gif 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:26 GMT
server: Finatra
vary: Origin
content-type: image/gif
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 43
expires: -1

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
2 KB 40ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBGHM-Berufsgenossenschaft-Holz-und-Metall-179207DE.gif%3Feb%3D1&v=3&w=400&s=r8UtIOS7zymWG9vibBTCGNRi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

384c73425a629332e88a00d515680db81e8e030a948b582bf258b682acd42c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=703954
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2220
expires: Mon, 18 Apr 2022 21:40:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 2 KB
2 KB 43ms
42ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoN26-GmbH-146811DE-1911011235.gif%3Feb%3D1&v=3&w=400&s=v7iW5ol0dBycAluYZcH9GQPj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2232
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 123C 10 KB
10 KB 41ms
39ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoStatista-GmbH-70120DE-2105281742.gif%3Feb%3D1&v=3&w=400&s=OXyU_K2XUhK0p1K_gEKsnWtn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

381afc3ddc6dbb5d58659e2b0ecdce1c2d54aa827257669e59164a1a7819b511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=2211695
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9982
expires: Fri, 06 May 2022 08:29:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 123C 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=P2-J6fyGqiWgeeHpgZr7_TziToPzKdtIdbJSkPNkQnAeZc-uw2dyFZR9x6Zu-jU9z6kRFa1jbn3VTdFfQ7SJE9e-ECNQfQrJTaICYfMf6tmbvGJJptsMI6iXLQevcLCvhN_k1ZPe_rj69eBY5G4k1RWLs9wOCLEhc2ZJ34B9evTqObZ48uTJio8M7locPxyKz6DmutVxBof9jMB9wbAnIhPlEAY_NBKjb94W5PAHfd6jThiwmedl5s8PV6kMWOEzrQU2RA&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 123C 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 123C 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Apr 2023 18:07:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022040501&jk=1399561068748672&bg=!AAOlA0fNAAZAkm7qYJI7ACkAdvg8Wp9oIyGXYsu8QcMiK3290fw33XzpVkERGaAiVXqbNlDuOdrwxQIAAAB1UgAAAAJoAQcKAPyjzvadKwHavKrFs-RbQboQpjuiXAtFsguscRC0yxPMzgkqNEpfU2GSEnYOJyd-NSoKJIzxQlNTlfw_tzhf4T3-UqeBP9G7MaS2jtoNTxKV0Z5FtkSR_t7Keqv77X6MpDF_HNvHowMbSnjs8Wz7qjLB1ZteOSUi5XA9a3a5AAXCu6IqA8mnfVGEajsBG4eZ9EFzvsfQMDyGT9Edtm7ZEuVPF3Mfy3k1Dv0H1kKNw5fpcbj7gm-a5hZ42bUmfOkBA_HnBhNefvWJ9G92Ar4bQOhnE21VZaFwlaFKmZp3rUod3qVbGeEPfIy1Dp1lKCVtq3ZeGXsnzE3Zfu38uamZApl9xP78mkIu-PxyM8S4saSFq5STihoczUNstHsf4wiMt1nE9Q0FeJftAP_GaVCZhie8pSI1MJhRYhmze89kScGL0BzMUBubzchovZKA-5tydgRWNpSSPcFHHyD4M-5doT7EYDCbank4WbW-MfhDlu62W2jJ65J9ck-pVvoucJs1B9F2z4aqBNfyFkCNhsR7fly4lUpvJtb-cQFZrUzt-MC68cDOlzua8w51A3QOAnQteVI7u3SMAXmOHXRf5YpMftlUbJVdpnRmZ2nGzgJBemSI4iGRGVT6Iso4tf5J6dWF5qs6bU1WYufrCSItdibC9RDDF87uuu6SgCfY94O_W6RElq-eEwlHaGDzq7iVkcwa-LhZUDyAfEOtb5PXHI13coBAMF5xOywzdnJspRO8M319q9XbK1q6DYcUfEOI-eY8gFCnj38S91bxoJNfPaBSDH11Ubgt2mgAFJnmmnrKxg6JODPQqPskNXmVNVvYlQWgBaNV59jW9CFPV1kC1Sc9OovdHQJ-FInPZEaD2iEEh9mifcfAtkQBffaw0ccR1jxcmWJjLOOV4ty8E-B2gsQ3QFoATuXXOSe7xFo0GDHDNI2UncKcuVMAXwh8frRUJNRkxpvjHuUDYlW751aDBydSkDQ6Fwi18jdvT95iBfsxbu-rZ99KwQ6ihAQ17bEeHyKTii3KQ11uQznWQPalxih2IgfoSKfH8Y1Ztcu7qdw6tKyZY2Fv3zJ11c4MkSGwAPwn7ptTApbjg0FfV8Rf31YYP8pzKJ0wJSR0hCk7bjnNUougPWq0izy6STu-VWpqXmye5P64VEHE1j53rZH-vQeamDNX1gQwtgNUB62f5xGEqDqNWCIxbFMgckPa7gH6I9-ysBPdSC4P7s250Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9395
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=babla.co.id&sn=ChromeSyncframe&so=0&topUrl=www.babla.co.id&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=_qLKNXxsUTY2S2Z1VHRhS2VRQkx3dWFKMWpnbUMzdDIrTit2OVo0M0FkRy8yNXhsK1pSUW10SGp2NWxKQXFveTU3ZFhzVXRoWlEveXlMTVNaQ0owM0pRUUc4bFVCR0RTZjdnakl3VkhRMHFyN0t5UmFpaDZ3NjFjWlM0YU...

428 B
632 B

73ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_qLKNXxsUTY2S2Z1VHRhS2VRQkx3dWFKMWpnbUMzdDIrTit2OVo0M0FkRy8yNXhsK1pSUW10SGp2NWxKQXFveTU3ZFhzVXRoWlEveXlMTVNaQ0owM0pRUUc4bFVCR0RTZjdnakl3VkhRMHFyN0t5UmFpaDZ3NjFjWlM0YU9rbVhSYjQ0dWVRYThiNW9RUldCYUJHR1IwSDd5RWNYTVh3eFUxbHdFbmxmMm9sKzlqSWVZeUtrTUltSjZPT1A4TU5sazVIYzVENWtqYm5HR0JIMmxsdUNISmVYRUU2ekRjNytRSkVGWXpVVk5wUE50SVpzTGhyczZIQTNsOUFVMzZBZExUUHdDWEVXQjVTR2c4aS8ydXo4ZHV6cm9OQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

37c6f6255fc6d98c1ad8d96b2a72db44106dd99fb96f38b849368045bd0eed19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4911
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:27 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_qLKNXxsUTY2S2Z1VHRhS2VRQkx3dWFKMWpnbUMzdDIrTit2OVo0M0FkRy8yNXhsK1pSUW10SGp2NWxKQXFveTU3ZFhzVXRoWlEveXlMTVNaQ0owM0pRUUc4bFVCR0RTZjdnakl3VkhRMHFyN0t5UmFpaDZ3NjFjWlM0YU9rbVhSYjQ0dWVRYThiNW9RUldCYUJHR1IwSDd5RWNYTVh3eFUxbHdFbmxmMm9sKzlqSWVZeUtrTUltSjZPT1A4TU5sazVIYzVENWtqYm5HR0JIMmxsdUNISmVYRUU2ekRjNytRSkVGWXpVVk5wUE50SVpzTGhyczZIQTNsOUFVMzZBZExUUHdDWEVXQjVTR2c4aS8ydXo4ZHV6cm9OQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2169
content-length: 541
expires: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FC6D 41 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FC6D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

67ms
7ms

Fetch
video/mp4

2a00:1450:4001:18::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CE655E239694FC5B1CC1C92FF992F6EEC44797B.1D670F077763548DEDB3AB2CF48ABC9D612E7290/key/cms1/cms_redirect/yes/mh/eS/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1649613500/mv/u/mvi/3/pl/53/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:18::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:28 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2957485
Last-Modified: Thu, 17 Mar 2022 16:04:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 10 Apr 2022 18:07:28 GMT

Redirect headers

date: Sun, 10 Apr 2022 18:07:27 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CE655E239694FC5B1CC1C92FF992F6EEC44797B.1D670F077763548DEDB3AB2CF48ABC9D612E7290/key/cms1/cms_redirect/yes/mh/eS/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1649613500/mv/u/mvi/3/pl/53/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B4F 23 KB
9 KB 11ms
11ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 07:45:12 GMT
expires: Sat, 08 Apr 2023 07:45:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B4F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 12:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 12:19:04 GMT

GET
H3 206 file.mp4
r3---sn-4g5edndl.c.2mdn.net/videoplayback/id/5c871fdd264e74e8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1681150047/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FC6D 405 KB
0 16ms
7ms Media
video/mp4 2a00:1450:4001:18::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:18::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 10 Apr 2022 18:07:28 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2957484/2957485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2957485
expires: Sun, 10 Apr 2022 18:07:28 GMT
last-modified: Thu, 17 Mar 2022 16:04:01 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B4F 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_ww03xxTYs7lMoyC9fgP96WWsAUAAAAAOAHgBAI&bg=!bW6lbirNAAZAkm7qYJI7ACkAdvg8WrBGMxNds4gLEmapEm1E2VfO1O8UFajbmZ_SbAX2z9_NImhGBwIAAAB4UgAAAAFoAQeZAuaCpIZhBDhvR1mX_sSOqZ35cKl5G1nsNZ2WgiGKduuFstkmY7YKkECEHAUkHtL_bT6NFMCalFWAUkH09mfR2LTydaEli_OMsVmDisvzauiP-mYjvDgJaKWlfP3TdfbM1jbNZXIHAg6qWUnhUQE8O66xJsfDdICDIWRXxW3N7fI6nsYWK0OowxIXe764AJQF7proHWX_jes6Pgg8oc68uffOdj15IPSTS49JLG2FShTt-TMa4h9wVk8lYoUw3K9KHJOFa6EzGbGRyLXkoNRB3w8IVlRpypuPCmZpVjzL2gTT2VYlByQXfgedBVPwGsfZktp8w2zLYq8InydHWICsigPpZbpFsQeK2WezHOMpwlXCl426lE4I-4cp_JNSeupCiXKWjk9VTit4oubtrr30Hy3SQ1qH197waMbbtou22c_v4DMOzmscdEwLRXPoIpGiEsXePpB3I1dKDAz8D32DYQX-Ia33cI4S1qEGkFt9Z9sdoKzqjod-cxauDQF3nwr3pae2eyeOUHVLGR3Vedz79IQIp97E0FxTPN9R___MtnagLpGkktz3_IMz9tejvV8073xCJN5-6002_DnN_wjFbE_B8r1xqnWPTiVPKqjbPe7mByorHo0KqU0lgZR6DnJ86m0ReFvHpZ8RzASLf9Fs-LrjcGuv9sFdHxjrSsnkR7L2QeyPo4hcG1L_16hAskHkPrHFQR6fkcEoeO3I5-B5WG098FMHouO7XsnOSXr0tf-j-YR6z1fpw0gEtwgvqPYnr_l6fS4evP1MMt2UAPZd0ISbHlasTLiVuVHEtrMPhFwp50zSrz1-j2E9PFX23IHHDCgd4488X0O1lkm40CrOq35znVSWBFIVac4v6MQ4nZ9yaWVz1AwWWFTS4ysEZWlgFDBEqMCR5vDCOTaYSUa6NpRGBj07wuBM-loLeO03gJ3wwALKCA8RHubY93rULDzzHyDhWBH87H_LnxgjeVovlRycEzlqNXHd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDEB 42 B
64 B 64ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlXpDsG6PtJB-adqt4nxH3v2Mz_SuV_ZWU9Wexk90jVLlYN-_H1OYC2Ei6WiXokqonVMFQ1awGIjLvBGldC-HP&sig=Cg0ArKJSzK6DPf9iVOpDEAE&id=lidar2&mcvt=1000&p=182,315,432,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4024796587&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649614047213&rpt=210&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86D1 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9nYNZ9oZjUbJMngKDq8DhmkdSCoXCK5imXBTSk4cKw1Q-ivVCBe28bhwOs7SCQHcnMq479KkBHtDpkNbUUYBa&sig=Cg0ArKJSzDYnaOjlwg4XEAE&id=lidar2&mcvt=1001&p=457,55,1057,355&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2437791816&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649614047216&rpt=223&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AA17 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 123C 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 10 Apr 2022 18:07:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CC4E 28 B
54 B 30ms
30ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qi059-CYUsA
X-YouTube-Client-Version: 1.20220406.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtqRllrMXR4aHNiOCjeucySBg%3D%3D
X-YouTube-Ad-Signals: dt=1649614046474&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C820%2C461&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 10 Apr 2022 18:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 10 Apr 2022 18:07:28 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame FC6D 0
17 B 333ms
182ms Ping
image/gif 2607:f8b0:4023:c0b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l1tlm1ef&c=158113962481&slotId=79056981240.5&qqid=CNSZqJqLivcCFRWodwodiDAHbA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:c0b::78 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.co.id%2F&domain=www.babla.co.id&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.babla.co.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 10 Apr 2022 18:07:28 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1871
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.co.id%2F&domain=www.babla.co.id&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=rK4mOHxVUVFhSWcwbmxvQUthQVB0d3lJaE5CMktpTFIyZXBrRGg2Sm52L0Zmb2NONzRWZlNFa2JXcHdKT0ZneTBnTnQybXdtQTRYMWFqV0V4TjN6eGJNRzRmdnd1TXNpL0pXL2x6UUNBWTFCZURTVXRKRkNaOGthWkVMVF...

424 B
668 B

18ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rK4mOHxVUVFhSWcwbmxvQUthQVB0d3lJaE5CMktpTFIyZXBrRGg2Sm52L0Zmb2NONzRWZlNFa2JXcHdKT0ZneTBnTnQybXdtQTRYMWFqV0V4TjN6eGJNRzRmdnd1TXNpL0pXL2x6UUNBWTFCZURTVXRKRkNaOGthWkVMVFE3WDZFaDZrUEh3QXk5OWl4NG4rL1dNUHhZRXlUelBZSDNBV1VJQ21DQVBEbVhMTy9FT2JEeFRYMElOZiswM0EwK2ZadW9lc3lvWWxEQm9zeDFlbGQyV1FFUlpRQVljTlhza0RLUWZzM0NxMGFqR3FJVjl4Vy9tL3NGODN6Tm9JbERHZXVhZjBWVFZUMnI5SVlVaEhxZDIvZ2ZZQWxodz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f853b43f9ba12392c948540480f180ba96208088c93978cf98035c071872e283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babla.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3342
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
location: https://mug.criteo.com/sid?cpp=rK4mOHxVUVFhSWcwbmxvQUthQVB0d3lJaE5CMktpTFIyZXBrRGg2Sm52L0Zmb2NONzRWZlNFa2JXcHdKT0ZneTBnTnQybXdtQTRYMWFqV0V4TjN6eGJNRzRmdnd1TXNpL0pXL2x6UUNBWTFCZURTVXRKRkNaOGthWkVMVFE3WDZFaDZrUEh3QXk5OWl4NG4rL1dNUHhZRXlUelBZSDNBV1VJQ21DQVBEbVhMTy9FT2JEeFRYMElOZiswM0EwK2ZadW9lc3lvWWxEQm9zeDFlbGQyV1FFUlpRQVljTlhza0RLUWZzM0NxMGFqR3FJVjl4Vy9tL3NGODN6Tm9JbERHZXVhZjBWVFZUMnI5SVlVaEhxZDIvZ2ZZQWxodz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2410
content-length: 541
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 99ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=uarus31&fmt=json
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e74c8c683f182f4241c6c54537f13df3d520dcbedd7e64fbb16546939076fd0b

Request headers

Referer: https://www.babla.co.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.babla.co.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 10 May 2022 18:07:29 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 7437
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

9ms
8ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 8127752ec4bb8bc635fa2b33d6585420c2c396120a09d06902630648c2759f59

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 462
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 18:07:29 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 10 Apr 2022 18:07:29 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame ACE5 3 KB
2 KB 87ms
25ms Document
text/html 23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Apr 2022 18:07:29 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 8138 0
91 B 30ms
24ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 10 Apr 2022 18:07:29 GMT
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame BA27 3 KB
2 KB 73ms
13ms Document
text/html 23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Apr 2022 18:07:29 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 30B5 0
80 B 29ms
25ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 10 Apr 2022 18:07:29 GMT
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A027 52 KB
17 KB 42ms
10ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 45960
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 10 Apr 2022 18:07:29 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 07 Apr 2022 05:21:24 GMT
Fastly-Original-Body-Size: 17053
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 847545
X-Served-By: cache-lga21973-LGA, cache-hhn4077-HHN
X-Timer: S1649614050.682239,VS0,VE0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame C20E
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 8127752ec4bb8bc635fa2b33d6585420c2c396120a09d06902630648c2759f59

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 462
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 18:07:29 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 10 Apr 2022 18:07:29 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A844 281 B
554 B 64ms
17ms Document
text/html 184.30.209.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-209-152.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Apr 2022 18:07:29 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FDCB 15 KB
6 KB 86ms
41ms Document
text/html 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=133237
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 10 Apr 2022 18:07:29 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 12 Apr 2022 07:08:06 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9CC3 15 KB
6 KB 88ms
45ms Document
text/html 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=133237
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 10 Apr 2022 18:07:29 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 12 Apr 2022 07:08:06 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F054 52 KB
17 KB 47ms
8ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1649252656
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.babla.co.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 45960
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 10 Apr 2022 18:07:29 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 07 Apr 2022 05:21:24 GMT
Fastly-Original-Body-Size: 17053
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 847546
X-Served-By: cache-lga21973-LGA, cache-hhn4077-HHN
X-Timer: S1649614050.693901,VS0,VE0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C20E 70 B
264 B 33ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C20E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

170 B
232 B

45ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C20E 170 B
232 B 56ms
20ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C20E
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

170 B
232 B

27ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame C20E 0
707 B 145ms
110ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4338619261717351934100&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 04B58DB8D33D4814A1D684F1F293B15D Ref B: FRAEDGE1317 Ref C: 2022-04-10T18:07:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcULN0gpgOCj2pYIDvWQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame C20E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4338619261717351934100?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xK5BTAJE2oQph_mIxjC1P_uTVikpq4WxfNaqkT4dVg--~A&dongle=0883

37 B
354 B

15ms
15ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-xK5BTAJE2oQph_mIxjC1P_uTVikpq4WxfNaqkT4dVg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 10 Apr 2022 18:07:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-xK5BTAJE2oQph_mIxjC1P_uTVikpq4WxfNaqkT4dVg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C20E 43 B
235 B 546ms
144ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=4338619261717351934100&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame C20E 42 B
595 B 68ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4338619261717351934100&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A38CA5DDB86468F9FAEC07E3400475A Ref B: FRAEDGE1420 Ref C: 2022-04-10T18:07:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame C20E
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4338619261717351934100
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t

0
0

173ms
102ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JE0E8ESYYYQF1V1GKSC6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C20E
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 46ms
16ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 10 Apr 2022 18:07:29 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1160
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7437 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7437
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

170 B
232 B

38ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7437 170 B
502 B 49ms
19ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7437
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

170 B
232 B

20ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMzODYxOTI2MTcxNzM1MTkzNDEwMA%3D%3D
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 7437 0
568 B 187ms
159ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4338619261717351934100&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D7AFCD8F19B541A1BCC5FD659F49B0EB Ref B: FRAEDGE1317 Ref C: 2022-04-10T18:07:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcULN04ggJjopb0N+74w==

GET
H2

200

xuid
eb2.3lift.com/ Frame 7437
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4338619261717351934100?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-GEb9ARdE2oS4MAVpJB_ZRNaYmrQetHSPmrarSdkQag--~A&dongle=0883

37 B
354 B

13ms
12ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-GEb9ARdE2oS4MAVpJB_ZRNaYmrQetHSPmrarSdkQag--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 10 Apr 2022 18:07:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-GEb9ARdE2oS4MAVpJB_ZRNaYmrQetHSPmrarSdkQag--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7437 43 B
235 B 1128ms
729ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=4338619261717351934100&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 7437 42 B
282 B 61ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4338619261717351934100&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F305ECAF7D74128A1300CB0B0EB416D Ref B: FRAEDGE1420 Ref C: 2022-04-10T18:07:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 7437
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4338619261717351934100
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t

0
0

139ms
99ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V7V5QZYVH9GB15Z7JEPF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4338619261717351934100&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 7437
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A027 0
741 B 15ms
14ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:29 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab8317f8-7c34-4569-a59e-16b2ca020202
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A844 32 KB
10 KB 18ms
17ms Script
text/html 184.30.209.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-209-152.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8558f0065e6626134905a7421f31a12c4ae038e1a4adef70c1752489ef6cdb2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36514
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Mon, 11 Apr 2022 04:16:03 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F054 0
741 B 22ms
14ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:29 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8c194ca6-433f-41d4-abcb-b2f510d753db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 575B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

28ms
28ms

Document
text/html

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ef17408a83ad3a90dfe32872312b81f419f98432e85718f7a4de17b941933891

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1632
Content-Type: text/html
Date: Sun, 10 Apr 2022 18:07:29 GMT
Dropped-Udsids: 230|241|45|39|221|47|8|5
Expires: Sun, 10 Apr 2022 18:07:29 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 10 Apr 2022 18:07:29 GMT
Expires: Sun, 10 Apr 2022 18:07:29 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1505
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

27ms
27ms

Document
text/html

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9cb70129717a6c63562d81ea3dd40e275b7ab28c66915fc244f919838f5e5010

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1699
Content-Type: text/html
Date: Sun, 10 Apr 2022 18:07:29 GMT
Dropped-Udsids: 230|241|45|39|221|41|31|65
Expires: Sun, 10 Apr 2022 18:07:29 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 10 Apr 2022 18:07:29 GMT
Expires: Sun, 10 Apr 2022 18:07:29 GMT
Location: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FDCB 2 KB
3 KB 152ms
13ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61958393&p=158679&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 347991c7118a1d0a53c15ad5181ffc8d74209ca0987c75731c72cabc07f9be21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A844
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1TLM0D9-6-L2U6&sigv=1&esig=2~e89b5762632cce20cd230222da08249155a22214

0
194 B

59ms
17ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1TLM0D9-6-L2U6&sigv=1&esig=2~e89b5762632cce20cd230222da08249155a22214

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1TLM0D9-6-L2U6&sigv=1&esig=2~e89b5762632cce20cd230222da08249155a22214
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A844
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1TLM0D9-6-L2U6

0
142 B

160ms
158ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1TLM0D9-6-L2U6
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C15114D1B58C4ED88AD8D39CB123F543 Ref B: FRAEDGE1317 Ref C: 2022-04-10T18:07:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcULN3vWvGbh92fKu3VQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1TLM0D9-6-L2U6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A844
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFUTE0wRDktNi1MMlU2

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFUTE0wRDktNi1MMlU2

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFUTE0wRDktNi1MMlU2
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame A844 0
0 45ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A844
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1YjllN2RjMmE5ZDhjZjhmZDI1YzE0NDI5OWQ1MjU3MmI1ODBmOQ

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1YjllN2RjMmE5ZDhjZjhmZDI1YzE0NDI5OWQ1MjU3MmI1ODBmOQ

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ1YjllN2RjMmE5ZDhjZjhmZDI1YzE0NDI5OWQ1MjU3MmI1ODBmOQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A844
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDlnOeNvHH9gCdJywd16Bco&google_cver=1

0
239 B

579ms
11ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDlnOeNvHH9gCdJywd16Bco&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDlnOeNvHH9gCdJywd16Bco&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A844
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2H8V2Dn9Qqy1KKdRWGFR7g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2H8V2Dn9Qqy1KKdRWGFR7g

43 B
556 B

103ms
103ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2H8V2Dn9Qqy1KKdRWGFR7g

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7WYQS4F4BHAXVW8WJPJ8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2H8V2Dn9Qqy1KKdRWGFR7g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A844 70 B
264 B 33ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 8852
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D

35 B
468 B

19ms
19ms

Document
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 10 Apr 2022 18:07:30 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 10 Apr 2022 18:07:29 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7F4A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&gdpr=0&gdpr_consent=

42 B
495 B

16ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Apr 2022 11:46:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug0023:0:390

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 10 Apr 2022 18:07:30 GMT
Expires: Sun, 10 Apr 2022 18:07:29 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4320 2f2dfe5 master ord-pixel-x55 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 52E3
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4783300139410853172

42 B
366 B

17ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4783300139410853172
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Apr 2022 10:51:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug0022:0:521

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4783300139410853172
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A21F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
341 B

40ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Apr 2022 18:07:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug015:0:333

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 18:07:29 GMT
expires: Sun, 10 Apr 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1886099
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=urCSUX2yTRC4sbY_eDY3bQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

10 KB
10 KB

19ms
18ms

Image
text/html

23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=133237
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 12 Apr 2022 07:08:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc6d6253-1ce2-4500-b4fa-5e45b636f145

0
260 B

74ms
15ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc6d6253-1ce2-4500-b4fa-5e45b636f145
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: MT3 4320 2f2dfe5 master ord-pixel-x57 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc6d6253-1ce2-4500-b4fa-5e45b636f145
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 10 Apr 2022 18:07:29 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame FDCB
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=BAB09251-7DB2-4D10-B8B1-B63F7836376D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=dbf853ab-9581-4999-9d51-8ad8d1083e04&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95fc1399978d94dc/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=739c4cacfcbc6b2171808e3d185c547e&gdpr=1
https://spl.zeotap.com/?zdid=1332&zcluid=95fc1399978d94dc
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fdc0c1faf96&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJnmDm9tinN_O-3AggcaTiY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fd...

95 B
164 B

55ms
44ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJnmDm9tinN_O-3AggcaTiY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fdc0c1faf96&zcluid=95fc1399978d94dc&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6f9d6c27fd27d61c-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJnmDm9tinN_O-3AggcaTiY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=43dc34c3-6d97-43c0-4b88-16426b4ae29d&reqId=ebe8ccc2-868d-4bbd-474c-0fdc0c1faf96&zcluid=95fc1399978d94dc&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkFCMDkyNTEtN0RCMi00RDEwLUI4QjEtQjYzRjc4MzYzNzZE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

107ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 10:47:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:436
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEORGdS-gsLfZtywOZTehmyA&google_cver=1

42 B
593 B

108ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEORGdS-gsLfZtywOZTehmyA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:373
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEORGdS-gsLfZtywOZTehmyA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame FDCB 43 B
610 B 71ms
23ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 09 Apr 2022 18:07:29 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2165095886364596985

42 B
234 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2165095886364596985
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:387
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2165095886364596985
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dbf853ab-9581-4999-9d51-8ad8d1083e04

42 B
373 B

54ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dbf853ab-9581-4999-9d51-8ad8d1083e04
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:413
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dbf853ab-9581-4999-9d51-8ad8d1083e04
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3564401216501117414&gdpr=0&gdpr_consent=

42 B
232 B

111ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3564401216501117414&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:402
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:29 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd8610ba-4033-4a70-8dd3-2ac606b19294
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3564401216501117414&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf

42 B
315 B

74ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:554
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1505 170 B
188 B 21ms
20ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1505
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

43 B
645 B

101ms
100ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HF341YR89AA7N1JKR7P0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJPRWNK29WABYKY8P2Q3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1505
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlMc4UkpWOKmc9FnKmq4gAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1

43 B
1000 B

24ms
24ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:07:30 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1505 70 B
264 B 37ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 1505
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y

49 B
545 B

40ms
40ms

Image
image/gif

54.77.12.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 54.77.12.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-12-91.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.189
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y
cache-control: no-cache
x-server: 10.45.14.107
content-length: 0
expires: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 1505 43 B
408 B 122ms
15ms Image
image/gif 72.251.245.179
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-7
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 1505
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7029004501938460023&uid=Q7029004501938460023&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

23ms
23ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 1505
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649700450&gdpr=1

43 B
315 B

191ms
18ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649700450&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:07:30 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649700450&gdpr=1
pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1505 43 B
424 B 34ms
32ms Image
image/gif 23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YlMc4UkpWOKmc9FnKmq4gAAA%261216
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=793
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:20:43 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 575B 170 B
188 B 21ms
21ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 575B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

43 B
645 B

101ms
101ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2XK65HZNNA05YT5N0607
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VSJEH6Q7NMCWP74X3D5T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlMc4UkpWOKmc9FnKmq4gAAABMAAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 575B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlMc4UkpWOKmc9FnKmq4gAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1

43 B
1000 B

25ms
25ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:07:30 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFO2mrN3Gg3kM9aFXxfyBjw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 575B 70 B
264 B 35ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 575B
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y

49 B
264 B

37ms
37ms

Image
image/gif

54.77.12.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 54.77.12.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-12-91.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.129
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YlMc4UkpWOKmc9FnKmq4gAAA%261216&gdpr=1&gdpr_consent=&us_privacy=&ct=y
cache-control: no-cache
x-server: 10.45.26.74
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 575B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gUSIbw411NDBYe5&gdpr=1

43 B
988 B

30ms
29ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gUSIbw411NDBYe5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:07:30 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:29 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gUSIbw411NDBYe5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 575B
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=149e7c3f-0a48-42de-90d6-7d33f7a38dbc&expiration=1681150050

43 B
1 KB

23ms
22ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=149e7c3f-0a48-42de-90d6-7d33f7a38dbc&expiration=1681150050
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:07:30 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=149e7c3f-0a48-42de-90d6-7d33f7a38dbc&expiration=1681150050
date: Sun, 10 Apr 2022 18:07:30 GMT
server: Kestrel
content-length: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 575B 0
0 51ms
39ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 575B 43 B
424 B 17ms
16ms Image
image/gif 23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YlMc4UkpWOKmc9FnKmq4gAAA%261216
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.babla.co.id%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:30 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=793
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 10 Apr 2022 18:20:43 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A027 0
741 B 14ms
13ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 96e81fc1-e3d5-4cee-89f9-968781d90ac1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F054 0
741 B 48ms
47ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Apr 2022 18:07:30 GMT
X-Proxy-Origin: 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7639f6df-f719-4d3b-ba40-aa0cc500f8c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame FDCB 0
128 B 180ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158679&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9CC3 2 KB
3 KB 14ms
14ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62994363&p=158679&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: eb1f15d72454c1f1d150ee7459528537a70ede4a7f132316638c38010eeae36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:32 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7085038404388911259

42 B
366 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7085038404388911259
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Apr 2022 18:07:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug004:0:403

Redirect headers

Connection: keep-alive
Date: Sun, 10 Apr 2022 18:07:32 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7085038404388911259
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7376
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlMc5AAHdEOqwgA-&gdpr=0&gdpr_consent=&_test=YlMc5AAHdEOqwgA-

1 B
235 B

14ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlMc5AAHdEOqwgA-&gdpr=0&gdpr_consent=&_test=YlMc5AAHdEOqwgA-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 18:07:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug010:0:410

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 10 Apr 2022 18:07:32 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlMc5AAHdEOqwgA-&gdpr=0&gdpr_consent=&_test=YlMc5AAHdEOqwgA-
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4036-HHN
x-timer: S1649614053.946846,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9978
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

16ms
16ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Apr 2022 18:07:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug020:2:600

Redirect headers

content-length: 0
date: Sun, 10 Apr 2022 18:07:32 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CACF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w9yYVrfxSgxS23L_XkPp0cEbDiQ

42 B
298 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w9yYVrfxSgxS23L_XkPp0cEbDiQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 10 Apr 2022 18:07:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug005:0:411

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Apr 2022 18:07:33 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w9yYVrfxSgxS23L_XkPp0cEbDiQ

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 9CC3
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&addseg=19,36,42

0
0

783ms
157ms

Image
application/json

104.36.113.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&addseg=19,36,42
Protocol: H2
Server: 104.36.113.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Sun, 10 Apr 2022 18:07:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 9CC3
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

34ms
33ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:30 GMT
frontend-id: 9
location: /pubmatic/1/info2?sType=sync&sExtCookieId=BAB09251-7DB2-4D10-B8B1-B63F7836376D&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 9CC3 95 B
176 B 48ms
46ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BAB09251-7DB2-4D10-B8B1-B63F7836376D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6f9d6c362826d61c-MXP
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 9CC3
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D
https://a.audrte.com/p

68 B
617 B

96ms
95ms

Image
image/png

18.215.193.43

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 18.215.193.43 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 18:07:33 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 10 Apr 2022 18:07:33 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 BAB09251-7DB2-4D10-B8B1-B63F7836376D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9CC3 43 B
987 B 37ms
35ms Image
image/gif 2a05:d018:d29:3602:79ce:4a08:37f6:a715
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/BAB09251-7DB2-4D10-B8B1-B63F7836376D?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:79ce:4a08:37f6:a715 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9CC3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sa_4YLxE2uXXbDffBGCpqyajg.sPuNo-~A&gdpr=0&gdpr_consent=

0
128 B

15ms
14ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sa_4YLxE2uXXbDffBGCpqyajg.sPuNo-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sa_4YLxE2uXXbDffBGCpqyajg.sPuNo-~A&gdpr=0&gdpr_consent=
date: Sun, 10 Apr 2022 18:07:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

sync
m.fg8dgt.com/ Frame 9CC3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=150a7d1f-ddb1-4193-bfed-3ff4060f102a

0
0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 9CC3 0
103 B 33ms
13ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BAB09251-7DB2-4D10-B8B1-B63F7836376D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Apr 2022 18:07:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9CC3
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:876a107b-3b20-4e2c-bedc-830114f79f58&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
187 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:876a107b-3b20-4e2c-bedc-830114f79f58&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:07:32 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:296
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:876a107b-3b20-4e2c-bedc-830114f79f58&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 10 Apr 2022 18:07:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9CC3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7038684863358579859&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

15ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7038684863358579859&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 13:16:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0025:0:420
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7038684863358579859&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 10 Apr 2022 18:07:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=94

Domain: m.fg8dgt.com
URL: https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=150a7d1f-ddb1-4193-bfed-3ff4060f102a

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 04:23:10	Name: sync Value: CgoIoQEQiKOjpYEwCgoIgQIQiKOjpYEwCgoI4gEQiKOjpYEwCgoI5gEQiKOjpYEwCgoIhwIQiKOjpYEwCgkICRCIo6OlgTAKCQg6EIijo6WBMAoJCAsQiKOjpYEwCgoIjAIQiKOjpYEwCgkIXxCIo6OlgTA=
.babla.co.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: fl74of3pjvhlgt369vv5p0p6i3
.babla.co.id/	1970-01-20 04:37:34	Name: languages Value: id.enid.en.es.0..
.babla.co.id/	1970-01-20 10:59:10	Name: _ga Value: GA1.3.1152423371.1649614046
.babla.co.id/	1970-01-20 02:15:00	Name: _gid Value: GA1.3.1205511347.1649614046
.babla.co.id/	1970-01-20 02:13:34	Name: _gat Value: 1
static.bab.la/	1970-01-20 02:23:38	Name: AWSALBCORS Value: Tsf7rGt4QziZCI6s7Gb+q8y+xBfbBLn/fWAIamuB8XPSGgsG9ZdIpdG8tEifux6b2GCdrgp0VjVx+cK/8NII9TCvH5o7aUPYkTSxBGv07hby6wxu0HSHOEmAo6a8
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fyaq2x_56FY
.youtube.com/	1970-01-20 06:32:46	Name: VISITOR_INFO1_LIVE Value: jFYk1txhsb8
www.babla.co.id/	1970-01-20 10:59:10	Name: iawpvccs Value: 1
www.babla.co.id/	1970-01-20 10:59:10	Name: iawpvc Value: 1
www.babla.co.id/	1970-01-20 02:56:46	Name: _pbjs_userid_consent_data Value: 3524755945110770
.babla.co.id/	1970-01-20 02:56:46	Name: _sharedID Value: 84f3dd19-3720-4393-aabc-28a7328996c5
.adnxs.com/	1970-01-20 04:23:10	Name: uuid2 Value: 3564401216501117414
.rubiconproject.com/	1970-01-20 10:59:10	Name: khaos Value: L1TLM0D9-6-L2U6
.rubiconproject.com/	1970-01-20 10:59:10	Name: audit Value: 1\|hLZGFuTafB1IkgnBmJVpk/+oE/PhLWQEKtLvkckcz9scPxm3GZEWzEKS1/c0YaWQ9LrHSpsZ4mV/u/cbvwaJUcxuhZpbWKLtxxM1oedpNDo=
www.babla.co.id/	1970-01-20 02:23:38	Name: AWSALB Value: 7HtlWMlgn3g9uuxE6DOTA+6cNv9i/SOgB+Ztc47m/ouXTRkl72AfGzefC2xk1H4Jw3gl7y5yKr1tPjAfKzAg2zwaYjSubw2JhqMdVf4KlAO4sY9CZbvxnIFmagL5
www.babla.co.id/	1970-01-20 02:23:38	Name: AWSALBCORS Value: 7HtlWMlgn3g9uuxE6DOTA+6cNv9i/SOgB+Ztc47m/ouXTRkl72AfGzefC2xk1H4Jw3gl7y5yKr1tPjAfKzAg2zwaYjSubw2JhqMdVf4KlAO4sY9CZbvxnIFmagL5
.adnxs.com/	1970-01-20 04:23:10	Name: icu Value: ChgIm-VgEAoYAiACKAIw3rnMkgY4AkACSAIQ3rnMkgYYAQ..
.babla.co.id/	1970-01-20 11:35:10	Name: __gads Value: ID=92ced26ec317a6ed-22979fab72cd0033:T=1649614046:S=ALNI_Masol_QMwyJDU95NpSCBVTeqbSlNQ
.doubleclick.net/	1970-01-20 11:35:10	Name: IDE Value: AHWqTUk6QGw2_l25WOzqOm4IpmabiQeRsdCI0vx4D4OwBn0s5nbjL6rqKZROsRrPFHQ
.blau.de/	1970-01-20 02:23:38	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTExMDAwMDAwMDA2MTY0OTYxNDA0N3ZsZWExZGUyMDIyMDQxMDIwMDcyNzY2OTYxNTcyNzY5WDExNzY2N1YxMjI1MTMxMTA2TVN2aWV3b25laWQ4UmRGRGY4ZmVkMVBVZ0hZdEV0eHRrazJVR1M1dFFma29uZWlkX19kYm1uYXRfUHJvc19BbGxuZXQxMTc2Njc
.blau.de/	1970-01-20 02:23:38	Name: nscQ486 Value: V
.blau.de/	1970-01-20 02:23:38	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022041020072766961572769X117667V1225131106MSviewoneid8RdFDf8fed1PUgHYtEtxtkk2UGS5tQfkoneid__dbmnat_Pros_Allnet&wfid=117667
.criteo.com/	1970-01-20 11:35:10	Name: uid Value: e7ccdc62-8629-4188-b489-87abd67b665a
.www.babla.co.id/	1970-01-20 10:59:10	Name: bConsent Value: dismiss
www.babla.co.id/	1970-01-20 02:13:37	Name: _lr_retry_request Value: true
www.babla.co.id/	1970-01-20 02:56:46	Name: _lr_env_src_ats Value: false
.3lift.com/	1970-01-20 04:23:10	Name: tluid Value: 4338619261717351934100
.doubleclick.net/	1970-01-20 02:13:37	Name: DSID Value: NO_DATA
.adsrvr.org/	1970-01-20 10:59:10	Name: TDID Value: dbf853ab-9581-4999-9d51-8ad8d1083e04
www.babla.co.id/	1970-01-20 03:39:58	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22dbf853ab-9581-4999-9d51-8ad8d1083e04%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-10T18%3A07%3A29%22%7D
.ads.pubmatic.com/	1970-01-20 02:15:00	Name: KCCH Value: YES
.babla.co.id/	1970-01-20 11:35:10	Name: cto_bundle Value: qyOxI19xa1pibldZYXgxeVFSYkpEa2xteWpXVzdBbkROOXpmOTltM254WXRMMVBvUUlNMG5IJTJCelhPNEYxeUtuTU5tSnQlMkIxSjZYRVdqdUVVanlnTkVuTGdCRXJOa0dDVlBMUnpOQzlUY3ZqbWFucmNUenQlMkJYJTJCODZiJTJGTHVlcDMzMEpDRW15VklqcE5BSzRxNm14NXM0NHU2eUZ3JTNEJTNE
.bing.com/	1970-01-20 11:35:10	Name: MUID Value: 1C9309067F8161710B1518847EEA605C
.babla.co.id/	1970-01-20 11:35:10	Name: cto_bidid Value: X2hzcF9pcm1kSEJhTWlRRW41Y05UeEtES3VWVzd1VkR3SHUzYSUyRldYUjAlMkJwNzBmYUZFbkpObmhrWTclMkJPU0FBYlBXN204a043dlYlMkJtRVZsbmJLMUwlMkZVV3k0YTJXWDFSTyUyQmhZdXFHRExBJTJCYUl3V1ZBJTNE
.yahoo.com/	1970-01-20 10:59:31	Name: A3 Value: d=AQABBOEcU2ICEK4TpyNxNizyEjH9SFx0xO0FEgEBAQFuVGJdYgAAAAAA_eMAAA&S=AQAAAqP2bgv_rt9oAC-5r4rk_Rg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:45:27	Name: bcookie Value: "v=2&a7d8d783-f9f6-46d9-8ab6-06d3e401902f"
.linkedin.com/	1970-01-20 19:39:13	Name: li_gc Value: MTswOzE2NDk2MTQwNDk7MjswMjGi/7K8FdFd7puyfFZdY+axN0Q0MX2QPVviFY6st7zEmg==
.linkedin.com/	1970-01-20 02:15:00	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2395:u=1:x=1:i=1649614049:t=1649700449:v=2:sig=AQGdJuJGm4khXHGw09jBy_mkVP_M4_ei"
.pubmatic.com/	1970-01-20 04:23:10	Name: KADUSERCOOKIE Value: BAB09251-7DB2-4D10-B8B1-B63F7836376D
.pubmatic.com/	1970-01-20 04:23:10	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 02:15:00	Name: pi Value: 158679:2
.pubmatic.com/	1970-01-20 04:23:10	Name: DPSync3 Value: 1649635200%3A174%7C1650758400%3A197_219_201
.pubmatic.com/	1970-01-20 04:23:10	Name: SyncRTB3 Value: 1650758400%3A161_56_54_7_3_8_220_21_13%7C1650844800%3A35
.casalemedia.com/	1970-01-20 04:23:10	Name: CMPS Value: 3235
.casalemedia.com/	1970-01-20 10:59:10	Name: CMID Value: YlMc4UkpWOKmc9FnKmq4gAAA
.casalemedia.com/	1970-01-20 04:23:10	Name: CMPRO Value: 1216
.quantserve.com/	1970-01-20 04:23:10	Name: d Value: EIoBCwHvJfijAA
.quantserve.com/	1970-01-20 11:43:48	Name: mc Value: 62531ce1-f1828-6a1d5-e5d85
.adform.net/	1970-01-20 02:56:46	Name: C Value: 1
.simpli.fi/	1970-01-20 11:00:36	Name: suid Value: 27E210FBCAAA4EBA8A34B94E10FE17F4
.adform.net/	1970-01-20 03:39:58	Name: uid Value: 2165095886364596985
.pubmatic.com/	1970-01-20 04:23:10	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 04:23:10	Name: KRTBCOOKIE_377 Value: 6810-dbf853ab-9581-4999-9d51-8ad8d1083e04&KRTB&22918-dbf853ab-9581-4999-9d51-8ad8d1083e04&KRTB&23031-dbf853ab-9581-4999-9d51-8ad8d1083e04
.pubmatic.com/	1970-01-20 02:56:46	Name: KRTBCOOKIE_391 Value: 22924-2165095886364596985&KRTB&23263-2165095886364596985
.w55c.net/	1970-01-20 11:42:22	Name: wfivefivec Value: gUSIbw411NDBYe5
.w55c.net/	1970-01-20 02:56:46	Name: matchcasale Value: 5
.casalemedia.com/	1970-01-20 02:15:00	Name: CMST Value: YlMc4WJTHOIA
.de17a.com/	1970-01-20 10:51:58	Name: guid2 Value: 1.4783300139410853172
.pubmatic.com/	1970-01-20 04:23:10	Name: KRTBCOOKIE_80 Value: 22987-CAESEORGdS-gsLfZtywOZTehmyA&KRTB&16514-CAESEORGdS-gsLfZtywOZTehmyA&KRTB&23025-CAESEORGdS-gsLfZtywOZTehmyA
.pubmatic.com/	1970-01-20 04:23:10	Name: KRTBCOOKIE_57 Value: 22776-3564401216501117414&KRTB&23339-3564401216501117414
.pubmatic.com/	1970-01-20 04:23:10	Name: KRTBCOOKIE_153 Value: 1923-OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf&KRTB&19420-OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf&KRTB&22979-OXH3Gz4gpxkiJfMQPXvvHm5yph0iJvdMN3YuVPuf
.owneriq.net/	1970-01-20 19:44:46	Name: si Value: Q7029004501938460023
.owneriq.net/	1970-01-20 02:27:58	Name: p2 Value: cc
.pubmatic.com/	1970-01-20 02:56:46	Name: KRTBCOOKIE_336 Value: 5844-4783300139410853172
.crwdcntrl.net/	1970-01-20 08:42:21	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 08:42:21	Name: _cc_id Value: 739c4cacfcbc6b2171808e3d185c547e
.onaudience.com/	1970-01-20 10:59:10	Name: cookie Value: 95fc1399978d94dc
.onaudience.com/	1970-01-20 02:15:00	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 10:59:10	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjsqpiq4MnNOhAFGAEgASgCMgsI6JTl2vbJzToQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-20 02:15:00	Name: done_redirects104 Value: 1
.mathtag.com/	1970-01-20 11:39:29	Name: uuid Value: dbfb6253-1ce2-4900-a265-69eabd25c1a0
.onaudience.com/	1970-01-20 02:15:00	Name: done_redirects219 Value: 1
.pubmatic.com/	1970-01-20 04:23:10	Name: KRTBCOOKIE_27 Value: 16735-uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&KRTB&16736-uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&KRTB&23019-uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0&KRTB&23208-uid:dbfb6253-1ce2-4900-a265-69eabd25c1a0
.pubmatic.com/	1970-01-20 02:56:46	Name: PugT Value: 1649591174
.pubmatic.com/	1970-01-20 02:56:46	Name: SPugT Value: 1649614049
.amazon-adsystem.com/	1970-01-20 08:36:36	Name: ad-id Value: Ay_IsV6W90dCuTErimLSFKE
.amazon-adsystem.com/	1970-01-22 00:01:05	Name: ad-privacy Value: 0
.zeotap.com/	1970-01-20 10:59:10	Name: zc Value: 43dc34c3-6d97-43c0-4b88-16426b4ae29d
.zeotap.com/	1970-01-20 02:15:00	Name: zsc Value: %EAO%CD%9Be%22%ECJ%EE7%7DF8%7D%93%F2%EAu%AC%83%CF-%13+S%FF%D2e%88%9E%21%EBO%07%16%A5%AC%CC%B2J%AB%907%F5%D5%0A%3F%DDo%D7%095%9A%A8%E8%D5t%8D%7D%FF%136%AD%91%C9%C6%B8%AF%D3%9D%D17%89%CA%89%2Cu%9C%BF%3E%A5%DEA
beacon.lynx.cognitivlabs.com/	1970-01-20 10:59:10	Name: UID Value: 149e7c3f-0a48-42de-90d6-7d33f7a38dbc
beacon.lynx.cognitivlabs.com/	1970-01-20 10:59:10	Name: ss Value: I3c2pHwt9NwuOYsxP0Xk7CQXP0pPY%2FuLgnBReIBXZBVwOMnApTYIBOtpTDQLhPWyeiXF2eIi%2F0KUvrcxvno7EA%3D%3D
.casalemedia.com/	1970-01-20 10:59:10	Name: CMRUM3 Value: 0562531ce105a0&f162531ce105a0&e662531ce12760&2d62531ce22760CAESEFO2mrN3Gg3kM9aFXxfyBjw&0862531ce22760149e7c3f-0a48-42de-90d6-7d33f7a38dbc&dd62531ce12760&2762531ce10b40&2f62531ce105a0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.babla.co.id/bahasa-inggris-bahasa-indonesia/prow Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=94' from origin 'https://www.babla.co.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=94 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 max-age=15780000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
acdn.adnxs.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.rlcdn.com
as.ad4m.at
aud.pubmatic.com
b1sync.zemanta.com
b53f327a0773e6a9e8c8627e750e427e.safeframe.googlesyndication.com
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
bidder.criteo.com
boot.pbstck.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.pbstck.com
cm.adgrx.com
cm.g.doubleclick.net
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
idm-d.openx.net
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
intake.pbstck.com
jnn-pa.googleapis.com
js-sec.indexww.com
m.fg8dgt.com
match.adsby.bidtheatre.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.blau.de
pix.eu.criteo.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r3---sn-4g5edndl.c.2mdn.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s0.2mdn.net
s3-eu-west-1.amazonaws.com
script.4dex.io
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.bab.la
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
www.babla.co.id
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
api.rlcdn.com
m.fg8dgt.com
104.36.113.68
108.177.15.155
13.248.245.213
141.94.170.64
142.250.184.194
15.197.193.217
151.101.1.108
151.101.66.49
159.122.14.34
159.65.197.210
172.217.18.98
178.250.0.160
178.250.0.162
178.250.0.163
178.250.0.165
178.250.2.135
178.250.2.146
18.156.0.31
18.215.193.43
184.30.209.152
185.33.221.52
185.64.189.110
185.64.189.112
185.86.138.122
198.47.127.19
198.47.127.20
2.18.232.7
2001:678:cb4:bbbb::11
213.155.156.184
216.200.232.253
23.0.33.234
23.35.228.201
23.35.228.247
23.75.246.168
23.88.75.186
2600:9000:223c:c000:1e:a43d:b640:93a1
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:10::6816:5d
2606:4700:10::ac43:1997
2606:4700:20::681a:809
2606:4700:20::681a:8a9
2606:4700:20::ac43:4950
2606:4700:20::ac43:4a81
2606:4700::6812:372
2607:f8b0:4023:c0b::78
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:18::8
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2016
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::1c
2a02:2638::2
2a02:2638::b
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:79ce:4a08:37f6:a715
3.122.208.3
35.157.246.167
35.201.96.126
35.211.178.172
35.244.159.8
35.244.174.68
37.157.5.142
52.200.205.250
52.218.45.120
52.29.60.125
52.46.154.242
54.77.12.91
54.81.207.173
64.202.112.191
69.173.144.165
72.251.245.179
77.243.60.138
78.46.85.162
84.200.5.215
85.114.159.93
96.16.132.239
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cae37d6505ee302ed02a4087fc5240ba8b8ef7b81b2c521fd949c5fa8ca32b0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1662c3a71b5a56c517a3eacb1d7dd2428180f0e49aea25f9de5c8cfe5db4d50e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
2267d17819c0c925964c7178c787daa18b6dea25258ea2aefc76d850718efd00
23404eb7e3ad034c4ae180b3e8b613120b47e99e9266f3dc35952c4f777c9877
29847a07229f24dc5257e2acdc7cb313e5311febb957a26bdefe6695e8786653
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae8e549eed064907cb4814f5fe7ee0404da87c227567b7dc57a2d7ace83280b
2c313697279d286cadf8c885a827f4c2e44ee4e99a5da6184a69871affe24499
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f99071bf4ecb465e444e9ee981c7bf3b5c49b00144bddaa5f8b6a806b1d3e70
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
310372b7d5bcc0b083eb61b6bc180ca8153040080b6c323310ae7ad4645ccd64
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
335885b94f8aacfe32d8ed64a18065321bc1c17570405e943eaf1ba2cb760ebd
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
338500270906aaa0d9e04683185f3786b3d661fc48cf2ffae235ea39f6fff34f
347991c7118a1d0a53c15ad5181ffc8d74209ca0987c75731c72cabc07f9be21
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37c6f6255fc6d98c1ad8d96b2a72db44106dd99fb96f38b849368045bd0eed19
381afc3ddc6dbb5d58659e2b0ecdce1c2d54aa827257669e59164a1a7819b511
384c73425a629332e88a00d515680db81e8e030a948b582bf258b682acd42c9c
3afe034ebfe61ce86fbb63b88908b9f689b0459837f48218acb394639bf5982f
3bc1f399f92bba28ccdefca0513e5736dea94230ec89985a2affc058aba24934
3d36e36027a54196995b2658d0d31ac14f0543407722ece94106c2c7a6646d91
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f868f655fe552d136d012a43236ee92440f5738f020f508d94ff7568e43c062
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4108d70cc83a90264f30fae9e48c641a25a975d53f89e49582dac8f5fd721a44
41fa467ca228570a4c0becbfce550a7661e1b7a3df6d70b007d03f54e73a3be1
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
490b77ad61fab2dd3b79fd532a09c304d7989943f3f5bea054046211704e9720
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8
51746c69166c0b6c44f2a8972300355b814e2eed534f46c298f039811b4e79e2
52fa257bb139a1106d31ae133c4c77c78adbe8f00a9ff918af92fe3b94e6ee7f
53b0da82a6ba44e4ca5e7531d5e1c17e6e96ab95408a799d93fb8dbb48a12ad0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a02ab754d765f46e57344f575a204b5110b18917ef191de652cedeea207a0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
5a8135b028622082405eb7dfa7822247070514d5d68e21aebb9ce872afcedba8
5bd7e0b18dc509c68f0f2b619915b7c3cd834b9a66fe77d54d59573946214db7
5c0afaa30634451791bd237725e2cba7a572f053b55dc4fcf2ccd4eab3049993
5dc586e860303804646bbb646aa78446b8964622bac883441dc0a8aed3eb30de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623726792321de0c1d606533650c9d62311913859aebac565b2632eb2a40eb1f
63884073c630b7bdab4841eccb77662d05bfe036e441a4e4e8753a647e44ce0a
65f8aa8e29a6672dc954c87f72557e86bf48a646abb7bf7cd542de46a632d36a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca3f6d64956475bf9563c55e5c8afb1156bf568e2b2c7a80d72a4a0235b7bf3
6fb8353188e58fbbb49adacb8129a7c683f8a1a773d32f3f06c552c1b75e8623
760afd3f25f7ddf2a155fbba51b021d995e8d3fb1255ae50d34f065fa27891b8
7b21f09f9346124764660e065de2ec85a1184ae2a506f7fd1c9f5915be5ef86c
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2
8127752ec4bb8bc635fa2b33d6585420c2c396120a09d06902630648c2759f59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85536f1615289518b0bcca6b63793f7c21aab9903e0142995f8ccc3fd32d0d08
8558f0065e6626134905a7421f31a12c4ae038e1a4adef70c1752489ef6cdb2c
88ac952f4677077d5c70b85d010b4dcead03c5540c0bce583d8fac27995b3af1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bac4dd25b0742c184218d62275bf628e290fef0aa57e91298b71d1287fdd5ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4b950f8fd71185e46b93313dac4915b86940bf6590c46c89f9afb0743aeb7f
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
912f7c9d543d77ac3792241bb3a47d3f3baa35896ac8fec7e2f6490e1e3edeb6
9233e060958a4be52c37a9aac0d8f769de4d5d9eecdccd87e0b6ba450ba92d2e
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
93c4a575fb143c0fe4610139c46dd39ab46b460d2c2d177e07e08dc0e9d31da7
94059e53a13ebb0d9bca105db7af3d6187d1080fd3507764efdce2e0557fe420
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96c883f1586c58d11af6b793b20290d2ec07d154a08b9f3d0636882466080bed
9862fa0fb562eaf7a5554ce74784648df6b52dc85b5d22f56dc7e4a21420a5e5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c666ae759d6b39fb201d8646ae4045f58e2f65b61128659ecfaad9a24fb996f
9cb70129717a6c63562d81ea3dd40e275b7ab28c66915fc244f919838f5e5010
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30dae716326d216db9ab33bab355e545f02f796cef3e1e41f360d68e7c450cb
b3c1069de3fb5149802265c54fa7b8b4eb914f2491762be09635dddb0ae73a86
b4671c17ec3eb8b9ea6a7a419e026cff3ed8c2e7722c913331cfd01c603420e3
b473636cb1c10eee2ec98ad0ce8493fc7dca9259d2ff6d0669495f98e1f5d238
b5c8050cb1abe7ac6eb0225ad2fa7db8569b3fdb2f67779a4bfe1d64c9df7dff
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcdfa745524b4790813ec4717c8574a093613c420a28f5d11b5b32e54333eff0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
c9ad7f6da0bf492d071ff8f1f7c864332ef41b90daa648b64d13b27179b13cca
ca2f82d11226b1c690c54b4b88cb08d8b821ec8b97a8be96bb118b455d24396a
cb5917fad36a8737b6aadd461a6c9c4052244472f68f7de691c8cfffce6651fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5a0a190df74deff90aa44798af044bcab474553769cc2a7f7688aacff9000e7
d6d3d0e52df21431faa9ce892825477821ea7a61c557b21900319c2660941311
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f
d92fbb01affbba7b3508caa233e8dec138785da2d35b01bcbec95e02fce3e656
dafbbb391982070a41a5abadcdf64f9eb3662a8512e4bb29c2ecd928bf054625
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8e703556ed5844d21cb430a071e95ceaf2c0eb60255979bb4e872da0916fc
e74c8c683f182f4241c6c54537f13df3d520dcbedd7e64fbb16546939076fd0b
e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb1f15d72454c1f1d150ee7459528537a70ede4a7f132316638c38010eeae36a
ec0c60afc28872f80e1c7913acede273da1a12dd997c84d8d2171f7592b7e669
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecf9b4bf48c77d6534111361336c14bbd9336603f81c599ac66ca1fcb14f8136
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee7910036d06a5e48e65573b3c8ae2b8b69ef15cd57993bd72513312ec22c397
ee7dbf82a052d0cf78f2cfc7fe652ab100a8f5d0b942245059410d09b807c946
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef17408a83ad3a90dfe32872312b81f419f98432e85718f7a4de17b941933891
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7127bb4ac6035761b86da45e9c91c8418da8c882c78f6a2ce61496a88bf30bb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f853b43f9ba12392c948540480f180ba96208088c93978cf98035c071872e283
f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c
fe91292d7d03317a293bea03b44d2ecc433cb3e8d50baa923ac094422fef369d
fe98486bb8e0cb99b230caa8b8fccea37cd931d9f02e9f941bbfd1ec3293a7b5

www.babla.co.id Open in urlscan Pro 2606:4700:20::681a:809 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

307 Requests

84 %HTTPS

46 %IPv6

66 Domains

116 Subdomains

85 IPs

10 Countries

2769 kBTransfer

8058 kBSize

85 Cookies

16 Outgoing links

Redirected requests

307 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.babla.co.id Open in urlscan Pro
2606:4700:20::681a:809 Public Scan

Screenshot
Live screenshot

Full Image

307
Requests

84 %
HTTPS

46 %
IPv6

66
Domains

116
Subdomains

85
IPs

10
Countries

2769 kB
Transfer

8058 kB
Size

85
Cookies

307 HTTP transactions
5 data transactions