www.sonora.id Open in urlscan Pro
2600:9000:243d:2a00:0:ddab:1ac0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sonora.id/
Effective URL:
https://www.sonora.id/
Submission: On November 06 via api (November 6th 2023, 4:51:59 pm UTC) from US — Scanned from DE

Summary HTTP 308 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 64 IPs in 12 countries across 47 domains to perform 308 HTTP transactions. The main IP is 2600:9000:243d:2a00:0:ddab:1ac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.sonora.id. The Cisco Umbrella rank of the primary domain is 223632.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 20th 2023. Valid for: a year.

This is the only time www.sonora.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:243... 2600:9000:243d:fa00:0:ddab:1ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:243... 2600:9000:243d:2a00:0:ddab:1ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
68	18.173.233.14 18.173.233.14	16509 (AMAZON-02) (AMAZON-02)
1	52.219.128.103 52.219.128.103	16509 (AMAZON-02) (AMAZON-02)
1	199.91.74.174 199.91.74.174	21859 (ZEN-ECN) (ZEN-ECN)
1 15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	138.113.147.185 138.113.147.185	54994 (ML-1432-5...) (ML-1432-54994)
8	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:243... 2600:9000:243d:b400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	18.239.83.58 18.239.83.58	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	43.129.34.148 43.129.34.148	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
8	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	3.74.50.207 3.74.50.207	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6	81.17.55.161 81.17.55.161	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	54.220.165.75 54.220.165.75	16509 (AMAZON-02) (AMAZON-02)
7	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	54.251.181.187 54.251.181.187	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
5	43.129.34.52 43.129.34.52	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	18.173.233.103 18.173.233.103	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:31fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	23.50.131.90 23.50.131.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
308	64

1 2600:9000:243d:fa00:0:ddab:1ac0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.sonora.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:2a00:0:ddab:1ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sonora.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 18.173.233.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-14.dus51.r.cloudfront.net

imgx.sonora.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.128.103 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

kgdata-cdn.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.91.74.174 (Mexico)

ASN21859 (ZEN-ECN, US)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.113.147.185 (Canada)

ASN54994 (ML-1432-54994, CA)

adsimg.kompas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:b400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.83.58 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-58.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.129.34.148 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hb.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.50.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.220.165.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.251.181.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

tracker.oval.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.129.34.52 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-103.dus51.r.cloudfront.net

asset-a.grid.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.131.90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-90.deploy.static.akamaitechnologies.com

accounts.tokopedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

at.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

kompascybermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	sonora.id 1 redirects www.sonora.id — Cisco Umbrella Rank: 223632 imgx.sonora.id — Cisco Umbrella Rank: 229647	761 KB
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	689 KB
25	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	292 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	190 KB
10	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	19 KB
10	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 24 region1.analytics.google.com — Cisco Umbrella Rank: 3040 ampcid.google.com — Cisco Umbrella Rank: 2931 www.google.com — Cisco Umbrella Rank: 2	81 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 dsum.casalemedia.com — Cisco Umbrella Rank: 1396	5 KB
9	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8705 c.mgid.com — Cisco Umbrella Rank: 6710 cdn.mgid.com — Cisco Umbrella Rank: 11457 servicer.mgid.com — Cisco Umbrella Rank: 8714 s-img.mgid.com — Cisco Umbrella Rank: 8620 cm.mgid.com — Cisco Umbrella Rank: 1536	115 KB
8	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1591	5 KB
8	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 13042	2 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	357 KB
6	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 19490	2 KB
6	jixie.io hb.jixie.io — Cisco Umbrella Rank: 37705 traid.jixie.io — Cisco Umbrella Rank: 33870	3 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	314 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
5	oval.id tracker.oval.id — Cisco Umbrella Rank: 52770	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6862 ampcid.google.de — Cisco Umbrella Rank: 86280	989 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	327 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	569 B
3	adbro.me tag.adbro.me — Cisco Umbrella Rank: 23603 apis.adbro.me — Cisco Umbrella Rank: 27731	11 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	32 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 kompascybermedia-d.openx.net — Cisco Umbrella Rank: 60568	553 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	870 B
3	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 903	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	2 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674 cdn.indexww.com — Cisco Umbrella Rank: 1531	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	666 B
2	kompas.com adsimg.kompas.com — Cisco Umbrella Rank: 66872	118 KB
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 12394
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	655 B
1	bahn.de at.bahn.de — Cisco Umbrella Rank: 121114	1 KB
1	tokopedia.com accounts.tokopedia.com — Cisco Umbrella Rank: 33210	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	27 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	273 B
1	grid.id asset-a.grid.id — Cisco Umbrella Rank: 34075	13 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534	63 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	380 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 22680	176 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	15 KB
1	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 34774	15 KB
1	amazonaws.com kgdata-cdn.s3.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 63952	17 KB
308	47

	Domain	Requested by
68	imgx.sonora.id	www.sonora.id imgx.sonora.id
40	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sonora.id cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com www.gstatic.com
15	securepubads.g.doubleclick.net	1 redirects www.sonora.id securepubads.g.doubleclick.net www.googletagservices.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sonora.id cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com www.googletagservices.com
9	www.gstatic.com	www.sonora.id cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
8	g2.gumgum.com	adsimg.kompas.com
8	bs.yandex.ru	adsimg.kompas.com
8	fonts.gstatic.com	www.sonora.id fonts.googleapis.com
8	fonts.googleapis.com	www.sonora.id imgx.sonora.id client securepubads.g.doubleclick.net cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
7	fastlane.rubiconproject.com	adsimg.kompas.com
6	www.googletagservices.com	securepubads.g.doubleclick.net cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com www.sonora.id
6	prg8.smartadserver.com	adsimg.kompas.com
6	i.ytimg.com	www.sonora.id
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	traid.jixie.io	scripts.jixie.media
5	tracker.oval.id	kgdata-cdn.s3.ap-southeast-1.amazonaws.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	region1.analytics.google.com	www.googletagmanager.com
4	www.googletagmanager.com	www.sonora.id www.googletagmanager.com tag.adbro.me
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	match.adsrvr.org	scripts.jixie.media ssum-sec.casalemedia.com
3	cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.de	www.sonora.id
3	sb.scorecardresearch.com	1 redirects www.sonora.id
3	unpkg.com	1 redirects www.sonora.id www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	accounts.google.com	imgx.sonora.id accounts.google.com
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	2 redirects
2	eus.rubiconproject.com	adsimg.kompas.com eus.rubiconproject.com
2	www.googleadservices.com	cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects
2	id5-sync.com	cdn.id5-sync.com
2	googleads.g.doubleclick.net	www.sonora.id cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
2	tag.adbro.me	www.sonora.id
2	www.google.com	1 redirects tpc.googlesyndication.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	www.sonora.id
2	htlb.casalemedia.com	adsimg.kompas.com
2	rtb.openx.net	adsimg.kompas.com
2	jsc.mgid.com	www.sonora.id jsc.mgid.com
2	adsimg.kompas.com	www.sonora.id adsimg.kompas.com
2	www.sonora.id	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	kompascybermedia-d.openx.net	adsimg.kompas.com
1	js-sec.indexww.com	adsimg.kompas.com
1	eb2.3lift.com	adsimg.kompas.com
1	at.bahn.de	cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
1	apis.adbro.me	tag.adbro.me
1	accounts.tokopedia.com	scripts.jixie.media
1	s0.2mdn.net	tpc.googlesyndication.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	asset-a.grid.id	imgx.sonora.id
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	s-img.mgid.com	www.sonora.id
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	www.sonora.id
1	ampcid.google.de	www.google-analytics.com
1	a.teads.tv	adsimg.kompas.com
1	prebid-asia.creativecdn.com	adsimg.kompas.com
1	tlx.3lift.com	adsimg.kompas.com
1	hb.jixie.io	adsimg.kompas.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	www.sonora.id
1	scripts.jixie.media	www.sonora.id
1	kgdata-cdn.s3.ap-southeast-1.amazonaws.com	www.sonora.id
308	75

This site contains links to these domains. Also see Links.

Domain
lestari.sonora.id
account.sonora.id
widgets.mgid.com
www.mgid.com
clck.mgid.com
twitter.com
www.facebook.com
www.instagram.com
bangka.sonora.id
legal.sonora.id

Subject Issuer	Validity	Valid
*.sonora.id Amazon RSA 2048 M01	`2023-06-20` - `2024-07-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-25`	a year	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2023-09-15` - `2024-08-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.kompas.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-07` - `2024-07-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jixie.io Sectigo RSA Organization Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tracker.oval.id Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.grid.id Amazon RSA 2048 M01	`2023-07-13` - `2024-08-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adbro.me GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.tokopedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-30` - `2024-07-30`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
at.bahn.de GeoTrust TLS RSA CA G1	`2022-12-14` - `2024-01-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.sonora.id/
Frame ID: F96FF304334633F710178D25B1FF802E
Requests: 189 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1699289504208996375797
Frame ID: 842D36E7AFEA19E19B955D8A22E0F45E
Requests: 1 HTTP requests in this frame

Frame: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 026B7ABCB26B2FB49E035F8EA296EB17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1434B7D8CBE87F08666562BFBB335BF5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E24CBB6E88195A9301D6EEFA5740146
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPBevGJuXMsF-03NuHE06HuQ_x_dxZT1yubniYQFVgS4b7Qc-aoVRYAsIwbt3Z-tT475tf2SU1F3zEAxmLqWY2_pkw0f_5c9kI-lz3T4HAt9L0GRhwqg8emDj93pe3u5dpRk6WWKI6XTGPmPhYpBlJA0CVuKyIXh_cv9rggMJe_F566zXbv6TkxV7l6bxeYbkbBpayN7xSyGoFWVNu6miMzho3_NdG131IZTmYq7zBoc4PFHX_F26AJb2cRXlGPzpLc_Ar4Wa_inZCcr17pfb30EJfGKcXBsb5G-bSB7Yx20lgyYZs6EMt1djafqhuatc&sai=AMfl-YQjDuBsItZT8n1kv0kXI3su291tKCj4cYUul7kwMtSr1aQ__lJq5f3iY-yehU8ob3OH9PfpMCFTBuRra4RN29yvkN8WsTAz8pUIVvJXJEmll-3sF8E8gwXRyTIQ-cJLjvz4BRBCRrGENrvbjws&sig=Cg0ArKJSzLLJheA3XFmAEAE&uach_m=[UACH]&adurl=
Frame ID: BBDD21D4B61455DFBC0DEC5AB3E259F3
Requests: 8 HTTP requests in this frame

Frame: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ACDA86F905A7D68CD8B5EBA87B1A9271
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022310201815000/amp4ads-v0.mjs
Frame ID: B95364A331B0BE1D4238C113E3E4D98F
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss398_OXUMpttVMJ5j8sZv3LnBvKZ7ZlwBwBK42d6pdhdO0YObOtCRfTvfAwL-Fqwj270lTZM9e4SpDfutk-NMpuvqJRYXsGfQjkCE3OCtZy5kEPt3yg3w2eOHBAW8ZEGMJJ4J5CdrXog6hjV-W9QOVUbpBqT6BBQhx3ShslEYHanvd6WEC1InF3nA-XtVUNdfZOJ-ghfGuM7Oh37wHSnv6-j__Xzrg1N6iVgxG1eL0_WSa0ILF_Hiho0IQslWEYguEdAgxx3uY3hNDQxGEwiJdlo2kUEkIp5UJWcnWc46uc7O2gshDxaGcGSn89yCYfgs&sai=AMfl-YTozCjARGF4JhJ0o0-KYzSSlLAj8p1PHYKmKIORIRaluCKhC4uUJi2BlF5p-7n1_qjZppbpawtTIT6yl_JOYEKI9-SIolKIT8Bryan9bXdCPPGSaJDFqPmbINN5kmxDRICq6jQnCrZNVWvJI0Y&sig=Cg0ArKJSzGPK3gsd3sMZEAE&uach_m=[UACH]&adurl=
Frame ID: FA892DD19EAF8B73DC2B09299A66CE9C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTnSaeWRK0i0xzWFcumR5BBwtPtMPrQ6Dgk8fmVSuTohEWw2wUJFdvXbphJfz_ahLA6m_LseEpXxQ2T2GLwliJf0B3mAxN8CqvljKAdQQmB5K8qIiuQj5RVecaVE_76suGGJjBTXf4vSD9Xe2S6u7oFHZGIC7y62vGXId9Se_5hBNcNofwfyQnZGwy964op_q4kol8uV-G7ufwS0z2_1yhARnkPFcQM-iBYct31S8hx81y5Uoj8Ut6N7DpsM_XMvUPGWHEg9kSu2_XR0nPAoAFPmKuDb1FJJMh3ne2lVQFmpuaG2JXwAuH-TdFEOk_WnU&sai=AMfl-YQsu45JI-Y3iypH1emzCKENvNrwGpoAycO1ImJdwoPGpWfg965V8WALAuHRezNUeWo2eEYNsatye5UREksZulCBNgK0-ZkfSSpfv-iNxsTPPImYfPMwtCOaXg0QHS9lwGKfgL9qJ55q39am73Q&sig=Cg0ArKJSzHLjgtMfnGtUEAE&uach_m=[UACH]&adurl=
Frame ID: 7788C94616909A60546187DE185E16BF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEgyGnCv_KWH5X5rVpqxyjj26_wFC8CkbE-IxGdHdcePd5dS7OVVSEk8MujzPG5QFBcT6Bu7JVnVhPcl6KoPSJxLW-UczErvttHLfKMvg2Hmfyigmc5siWDSdX-Cnd3tcFUA581PSshFDhLekR4x3msfT-dLVWfLx0VcoWt3ZoSurxSSFAVCGgQ3G4I0DrMg9B_GVRh1Dsfx0-bAj6k6kC7oic4GDs9X9gHpGgZVjBDq06knKxmEhtbrWeoLH4VbqiA9W71zXY49W6LCMMnOwzGfWdOFjuRGNuO-wF4W6PxlNW8X5p_h8XEr9lpDKIKi8&sai=AMfl-YThXH1x0bJPHdEjQD2-9UtjFujTCJibz7QRdi_nItbCycCD9D1mmfdC0-OCvqm9JVmjIMihXxLz3YAT2xYsc3xOKs-qppVzRPqWDui84s8EX0HM33jOLSkvaWps8Zhv8bNwH0Cr1D1IzF8LQp8&sig=Cg0ArKJSzFOleeAAR6YvEAE&uach_m=[UACH]&adurl=
Frame ID: 17E43052B22C144E710821EB7064CCBE
Requests: 8 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: 6B2EB28EAEC32937BBA55DA060E1E179
Requests: 8 HTTP requests in this frame

Frame: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0AA005394C5068ED21BDA22938181FCD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: 8C1179F6B3ED896A4E5710BAE3284706
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4D88554F14DF3DB65073CC3CD1B2178
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
Frame ID: 6EC3A1E9775E2665DA17DF458A342324
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: B77EFE58C7EBC1E4641B368C3CCB8BA3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 47B050A26A2291873CB72B8542FFE81A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B1D07F845709A737F72ACED85FE35FBD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9AAF05F7353A5D87B40B16B94B71C946
Requests: 1 HTTP requests in this frame

Frame: https://kompascybermedia-d.openx.net/w/1.0/pd
Frame ID: FF6A58A42D9920968F8EBE60B10DC36D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EFE8EAE137D0DC01EEDEBE21677F8CC7
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 88C1668EC596A7E3C23EFC3535F8A380
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sonora.id websitelinesearchwhatsapptwitterfacebookinstagram

Page URL History Show full URLs

http://www.sonora.id/ HTTP 301
https://www.sonora.id/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

308
Requests

96 %
HTTPS

51 %
IPv6

47
Domains

75
Subdomains

64
IPs

12
Countries

3622 kB
Transfer

8020 kB
Size

52
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://lestari.sonora.id/
Title: Lestari

Search URL Search Domain Scan URL

URL: https://account.sonora.id/register/c29ub3Jh==
Title: REGISTER

Search URL Search Domain Scan URL

URL: https://account.sonora.id/login/c29ub3Jh==/aHR0cHM6Ly93d3cuc29ub3JhLmlkLw==
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.sonora.id&utm_medium=referral&utm_campaign=widgets&utm_content=990698

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16840762/i/57326532/0/pp/1/1?h=2PGHruUKVXfyBeMEfqOI1ucYYhSym0eaQ6QRdu4MLwnz_hK-Wr2t65F11Gl13r6xfMbn0vmJn7_V-MTqI1pG9Q**&rid=c4224a8e-7cc4-11ee-90e2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://twitter.com/SonoraFM92

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sonorafm92/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sonorafm92

Search URL Search Domain Scan URL

URL: https://bangka.sonora.id/
Title: Bangka Sonora

Search URL Search Domain Scan URL

URL: https://legal.sonora.id/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sonora.id/ HTTP 301
https://www.sonora.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

Request Chain 169

https://sb.scorecardresearch.com/c2/8077308/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 271

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 274

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_pre=CJjJ-drqr4IDFXGW_QcdCccNeg;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Request Chain 278

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkUmoBlJZbP0L5GSjuwPuN2K0AyEnsWGdNeso_OaEtnZHhABIMrW4x9glaqUgqAHoAGgz6S2AsgBCakCIqxay4EIsj7gAgCoAwHIA0iqBKUCT9DXawfVW2zoroVTj1u6TDFEvGiAIFmW_FMu4S_-_TUaa0BZOY4z48IE4Juj76yz_-i2_yjUWBPVSFRauKae7XQClYEmmTPwBtpY7M3wF0WDwH3QwaJOUAokqBVXEqmJ5KOG3Mul2bwAxmTq4IFtvqBXOyZINoYYQEAvsANOQVoYXqi1DSVPQTEmq9k71LxOSh3ljtxoepUUiLhi8gi8uZxGEPrYYwk19hnzdZcJHKxGXHsLapEc02f3CV5zij2Y5Xgq2IF9BDwwQ0buAi_Kji9LpeJZpE2GD4DD8_OtIWQj-gEn_YN-J8V4h4T7fzhjND0fbJf_0nQjGmat6XoJ6FSRfcqzdrQbOFv9VozTZsqrFuZLRPz519gdQ85pE5QjEO06vCvABPuRrb7WBOAEAYgFxKe-j02SBQQIBBgBkgUECAUYBKAGLoAHyLDbyQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCtjwrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgnhAmh0dHBzOi8vd3d3LmJhaG4uZGUvYW5nZWJvdC9zcGFycHJlaXMtZmxleHByZWlzL3N1cGVyLXNwYXJwcmVpcz9kYmthbmFsXzAwMT1MMDFfUzAxX0QwMDFfS1NFMDAwMV9HMTYwNTdfMTEyM19GVl9TQUxFX1NQQVJfU3VwZXJTcGFycHJlaXMtSGVyYnN0LTIwMjNfR0ROMV9TU1AtUTQtMjAyMy0wMS0xMS0wOC0xMS0yMDIzLUhUTUw1LUJhbm5lci1MZWJlbnNlcmVpZ25pc3NlLTMwMC02MDBfTFowMSZleHRQcm92SWQ9NSZleHRQdT0xNDA1OC1nYXcmZXh0TGk9MjA3MDIwMDgyNjAmZXh0Q3I9MTYwNjU1MTY1NjkxLTY3OTIwNTA5MzQ3MyZleHRTaT13d3cuc29ub3JhLmlkJmV4dFRnPSZrZXl3b3JkPSZleHRBUD0mZXh0TVQ9gAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCNv9strqr4IDFRGJgwcduK4CytgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDEyNDY4NDY5NzcxOTczGNHDEQ&sigh=iUEGySvID2M&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNIsltXTg3iejyUe8QTXBi09k2JnD6TiGmXm_IUz0iBKzJT54KelcNxyS924nRXjEwIewunf-MdFDpFi4BOrzvjwEytB45bhgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217063866942253465403%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650717088%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227215626956523757649%22}&andc=true

Request Chain 303

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 305

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUkZo43l0MZSY1J-CPGZRgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHr9RkDXY48WSPATxfMR7Y0&google_cver=1

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsfgQbsxbH7tfOf1TrhbY0&google_cver=1

Request Chain 307

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 311

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4810447182658392797

Request Chain 312

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4227092469573558393&expiration=1700499107

308 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sonora.id/
Redirect Chain

http://www.sonora.id/
https://www.sonora.id/

147 KB
27 KB

48ms
16ms

Document
text/html

2600:9000:243d:2a00:0:ddab:1ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:2a00:0:ddab:1ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PHP/7.1.32
Resource Hash: 1db2eb6ac6841752e89645086fd001d4321f9b6cd1f5eb0d10504ed47a1726cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, OPTION
access-control-allow-origin: *
age: 54
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:50:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 3e1c75dd4bc1e056caa1604e0e55ea30.cloudfront.net (CloudFront)
x-amz-cf-id: un41anVr48ESS50Z6a-MsQKq41ywzEKMR5xBKbNzpmPvowK84mPU5g==
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
x-powered-by: PHP/7.1.32

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 06 Nov 2023 16:51:42 GMT
Location: https://www.sonora.id/
Server: CloudFront
Via: 1.1 5d1a69823c5f0381c7fe170df3cfc5ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YCmy_6NHzZlmk2rf1Ei-RUHKObWDOTcU5HFr7_qwk3d-avAMflFlag==
X-Amz-Cf-Pop: DUS51-P4
X-Cache: Redirect from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 3 KB
925 B 45ms
19ms Font
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:44:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:42 GMT

GET
H2 200 style-sonora-v21.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 63 KB
17 KB 78ms
14ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=TltN7Jur
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 05f34410de3687656a9cf57d1d7684352a82f75c80fde8cc029212ca46f0b12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 06:35:05 GMT
date: Wed, 27 Sep 2023 06:35:05 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: mMfJRg.m4s7Zui9cuWfkoAcAR6rBSbb8
x-amz-cf-pop: DUS51-P3
age: 3492997
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3d25a131ad89f903b32638c5a6179a82f947e450db7e3621fd7194476d4ac3c6
x-cache: Hit from cloudfront
content-length: 17084
last-modified: Wed, 27 Sep 2023 03:10:28 GMT
server: nginx
etag: "55c2343eca7064467a22a68031c8a7c8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: v2KtMXcBY6e-yjLWNLo37Y9CuJ3ICN6cJyzZXWToMojughTPT9TBcw==
x-amz-meta-s3b-last-modified: 20230927T030940Z

GET
H2 200 style-sonora-v21.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 63 KB
17 KB 79ms
16ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 05f34410de3687656a9cf57d1d7684352a82f75c80fde8cc029212ca46f0b12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 06:35:05 GMT
date: Wed, 27 Sep 2023 06:35:05 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: mMfJRg.m4s7Zui9cuWfkoAcAR6rBSbb8
x-amz-cf-pop: DUS51-P3
age: 3492997
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3d25a131ad89f903b32638c5a6179a82f947e450db7e3621fd7194476d4ac3c6
x-cache: Hit from cloudfront
content-length: 17084
last-modified: Wed, 27 Sep 2023 03:10:28 GMT
server: nginx
etag: "55c2343eca7064467a22a68031c8a7c8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XNE2lHRyyAhR8STecLJH5zbc0q1RxQ0KRLEVVD1bBucRSCmF2ciXAg==
x-amz-meta-s3b-last-modified: 20230927T030940Z

GET
H2 200 cls-sonora.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 281 B
692 B 82ms
19ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/cls-sonora.min.css?v=RQJKGiMw
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bd445832f140e616125496d3688dbd4f3824a26d950037166948afd03a7da00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:17:09 GMT
x-amz-version-id: Pc7EIsx1SqgZ5zuM0bXPnoeiBipK.sG2
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Fri, 03 Jun 2022 07:12:40 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10053274
etag: "245f7536cf05361ab1f7bc04583c4e19"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 281
x-amz-cf-id: SI9b6BaDaP-MyMWKIOPPpZqB3nIv6DetMXX4A4vTCDgyTaM8WOzr7g==
expires: Fri, 12 Jul 2024 08:17:09 GMT

GET
H2 200 icon-sonora-v2.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 8 KB
4 KB 83ms
20ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/icon-sonora-v2.min.css?v=VWMOJNj7
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 358bb78e64619300ba8a0ca53c52a1eb1a2aecaff233cfde516b3d6c38ea54c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:17:09 GMT
date: Thu, 13 Jul 2023 08:17:09 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: 28iUcuzijl1RBNn5OlgTIE0cvRMKkdfw
x-amz-cf-pop: DUS51-P3
age: 10053274
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 2acb72c878604c2d037a0f5b46a6883fefb444cb3faa00945a466559e6256f11
x-cache: Hit from cloudfront
content-length: 4047
last-modified: Tue, 13 Jun 2023 07:40:26 GMT
server: nginx
etag: "b1dd9a64bfc4dffac4e8a4dd4b1dad24"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bce2a0gD11pXGVgQyBA4b4kmeJaTZ5CxMvCxeamDUOUbBLt0j4vPsw==
x-amz-meta-s3b-last-modified: 20230613T073951Z

GET
H2 200 jquery-3.6.0-v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 87 KB
31 KB 86ms
23ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/jquery-3.6.0-v2.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:18:36 GMT
date: Thu, 13 Jul 2023 08:18:36 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: b.WDVVPZvGIupn6e4lReX4v4_sLhx8Fp
x-amz-cf-pop: DUS51-P3
age: 10053187
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 726eaa966e9584ecacab28dd2c628b3966735c01e79136f4316507a28d0c3a85
x-cache: Hit from cloudfront
content-length: 30766
last-modified: Tue, 13 Jun 2023 07:29:33 GMT
server: nginx
etag: "8ff66703ecc44aba4f3880c87b3bb9db"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xx3TZF8fAui579t2JQABwY0UR9EiTpbf1zwNmVw6ZTqAL4QNIqLaUw==
x-amz-meta-s3b-last-modified: 20230613T072841Z

GET
H2 200 additional.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 1 KB
2 KB 85ms
22ms Script
application/x-javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/additional.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 790ed97f913e3a42a6fc482cd444ccbdeff27af8f36a52f52f939e8ad08d9f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:18:35 GMT
x-amz-version-id: vOlXYwmtJ4Eo.Uhn3PrTUAoxv7uUkIjc
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 04:37:57 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10053188
etag: "3113349f9ed57ae045be1070dd2a450e"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1121
x-amz-cf-id: scDPIV48M18kPmwRpvy0t-C2WrTTFqxzESKxmf6tmoer33-_k5ho2Q==
expires: Fri, 12 Jul 2024 08:18:35 GMT

GET
H2 200 ssouser_v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 830 B
1 KB 88ms
26ms Script
application/x-javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/ssouser_v2.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9d83335d8e41e5a2ccbb3a1b3718fb650edbe2e162608748d14194407f2d381c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:18:35 GMT
x-amz-version-id: ghaBGNHKPPxG06vHDu5uwMroJreNLdbE
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Tue, 15 Nov 2022 08:32:56 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10053188
etag: "bef882b1ee7e313fb5e284ebb0f6e209"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 830
x-amz-cf-id: BIIDRZ6-p0agk5wIjQnrs1VdDJ-gWMC2s7ICSiBLQnyH-tNfA-uOWg==
expires: Fri, 12 Jul 2024 08:18:35 GMT

GET
H2 200 progress-bar.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 588 B
984 B 83ms
21ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/progress-bar.min.css
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b079ce75fb3ca734c45e44fb7888bb12cd8ea68aab0a7f2dded81f9ebd8e2fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:40:45 GMT
x-amz-version-id: null
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 08:10:13 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051858
etag: "b7e11ea03b664cdfe332272ebfa92b20"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 588
x-amz-cf-id: iIhEXkju_Lir2YspV31i_rCZaiolWKKLVpZuBI7TU88en3Mm6GBQag==
expires: Fri, 12 Jul 2024 08:40:45 GMT

GET
H2 200 slick.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 1 KB
1 KB 84ms
22ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/slick.min.css
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:40:45 GMT
date: Thu, 13 Jul 2023 08:40:45 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: 7PxilEXaNmtHDWsUwzOy_f54lGDUdWML
x-amz-cf-pop: DUS51-P3
age: 10051858
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 05a09c18bba8a3d922137f7fdef4dbbcfc58f510818c60d4a0be492cdb50689a
x-cache: Hit from cloudfront
content-length: 495
last-modified: Fri, 16 Jun 2023 08:09:49 GMT
server: nginx
etag: "fba702daf94c3946c4abec013b8161df"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LIuGB4G79oaMRJD7whZETVWxKVCGUT7KUc1NuBXHeDEJfaJGHdZbDg==
x-amz-meta-s3b-last-modified: 20230616T080852Z

GET
H/1.1 200
OK oval_web_analytics_latest.js Show response
kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/sonora/ 16 KB
17 KB 742ms
178ms Script
application/javascript 52.219.128.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/sonora/oval_web_analytics_latest.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.128.103 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e9d637c709a0a48b71bc167bc4fa4600465dd40a94053d2f30598c7228eaa2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 16:51:44 GMT
Last-Modified: Wed, 01 Nov 2023 03:30:46 GMT
Server: AmazonS3
x-amz-request-id: AN8G9HSCW667EBZC
ETag: "e9b75176c5be93f768b2a571af3e8787"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 16812
x-amz-id-2: x9UBi7QJcl3qF63ELLMXu6/5QF5SRuvHVgtSqvoba2gAHKcj79lwqD57ox2pih3RWNX+8DTFAMk=

GET
H2 200 jxpublisher_3_1.min.js Show response
scripts.jixie.media/ 35 KB
15 KB 1453ms
159ms Script
application/javascript 199.91.74.174
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.174 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: c2271d2fb55418eb8a76beae80659aa6e03bac30f25b5a0f8eca07e479b8f719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

nginx-hit: 1
date: Mon, 06 Nov 2023 16:51:44 GMT
x-amz-version-id: 11KkHJ4klFAvUaigmBwu2TFXq75Jo8O9
via: LA-MEX-queretaro-EDGE1-CACHE1[3],LA-MEX-queretaro-EDGE1-CACHE6[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE28[531],LA-MEX-mexicocity-GLOBAL1-CACHE30[286,TCP_MISS,528],EA-SGP-GLOBAL1-CACHE14[38],EA-SGP-GLOBAL1-CACHE29[30,TCP_MISS,36]
x-ccdn-cachettl: 2592000
content-encoding: gzip
x-amz-request-id: A4R078GNJAQHTH14
age: 314817
x-amz-server-side-encryption: AES256
x-amz-id-2: JSE9WIS5jSKse1lY43qYxDfu5CYSPxe1uGBnbj2OkLzzdNbamSWCWcwM/0R5WVSWEEXosMLmrBc=
last-modified: Fri, 03 Nov 2023 01:24:44 GMT
server: openresty
etag: W/"a9212a16dcc75a5fb46d4ca075879700"
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-expires: 2281584
x-hcs-proxy-type: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 115ms
90ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d9b0c13acc1cf20eeb6642a9ac8b8cbe03ec8c4d23d7853b547c0fa86dbd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
server: cafe
etag: 0 / 19667 / m202310310101 / config-hash: 2691334513593666145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 prebid8.18.0-121023.js Show response
adsimg.kompas.com/html5/prebid/sonora/ 373 KB
117 KB 578ms
13ms Script
application/javascript 138.113.147.185
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 0a0b264f3418447b6ef841802e55b6d73e0a5b42661c15171e34638f4afe94a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
via: 1.1 10885a2c24fad0ff660a4e3a8e3fb800.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 10:01:06 GMT
server: nginx
x-amz-cf-pop: NRT57-C2
age: 1
etag: W/"6527c3e2-5d2fe"
x-cache-status: HIT
x-ws-request-id: 6549199f_PSdgflkfFRA2lp71_40772-64338
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1de68:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:15 (Cdn Cache Server V2.0)
cache-control: max-age=31536000
x-amz-cf-id: XAP5v8ygm_tWXryWD2s1FveNiQPtVX6voeZo-0L-MYo-mrVbEORSiQ==
expires: Sat, 12 Oct 2024 05:01:40 GMT

GET
H2 200 new-logo_sonora.png
imgx.sonora.id/file/sonora/desktop-new/images/ 10 KB
10 KB 11ms
11ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/images/new-logo_sonora.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dfcb6fe4c954fc60b77811e62dc5ecac1de4af8bee9408d45b86b0c5115691d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:21 GMT
x-amz-version-id: p5eWgemoM9UKkTBRikVmedMjBbZOQSfn
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jul 2020 04:57:35 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051162
etag: "949ce9f9c6525db1c4eaba41d488694f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9809
x-amz-cf-id: Mo6OZo48AddJGTMydyE7EobdiUtCFwmMxCwm9QXjcLYMm40kHavlqA==
expires: Fri, 12 Jul 2024 08:52:21 GMT

GET
H2 200 sinopsis-romance-on-the-farmjpg-20231104113837.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/04/ 23 KB
24 KB 16ms
16ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/04/sinopsis-romance-on-the-farmjpg-20231104113837.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 80a3285b6007febe9b4427b610014ac8504cd0551f75afd28677f8f2abfd8518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:46:45 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 176698
etag: "6b2f55fa3650ab487b4388f4e85b945cd01a8481"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 23736
x-amz-cf-id: lGqX9aZ3zubIBcFSXitSV6mkQ2yUxD1nHpwkt3DZ3-VraaLKeA5z1g==
expires: Sun, 03 Nov 2024 15:46:45 GMT

GET
H2 200 befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/ 16 KB
17 KB 16ms
16ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 41d8bc23562f3cda043d894bb5c043bd50290a2e4f53f87c0b9e4e858aa24cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:59 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37364
etag: "b9f71c1cdf117f62f8368338a4ffb8a2902b65d9"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 16848
x-amz-cf-id: wVdmPIGp2NQ-h1cULGSCjoCsb_rkoTggCyMnzt_PN0oi9q4GNm3CiQ==
expires: Tue, 05 Nov 2024 06:28:59 GMT

GET
H2 200 tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/ 23 KB
23 KB 16ms
16ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7238af0cd91f8d8a4bb3a152085a575d1823e71b7c7bd9eac22bfff0a9141349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:56 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37367
etag: "cbb1be587a87833384f79a929aea741b11a1d3dd"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 23565
x-amz-cf-id: IQCjAn0T4zwfbw7d8W5UN4oh3-Sof2dO4xj4Qa_w60TVRulfTpy2Xw==
expires: Tue, 05 Nov 2024 06:28:56 GMT

GET
H2 200 21560073_6479339jpg-20230621043918.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/06/21/ 21 KB
21 KB 59ms
37ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/06/21/21560073_6479339jpg-20230621043918.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6b279888887a96cb76553ae053cf82e65f74ce91ea29e15d14cd6b9fb159aacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:59 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37364
etag: "3e44cffdd8fa2bc07b5a9a286f47ea39a0753f85"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 21530
x-amz-cf-id: yMRh_SFKI38y9y3r16k9PZdAf95tlncfQ8MFTQ6I_gbY-2XYoFkAZQ==
expires: Tue, 05 Nov 2024 06:28:59 GMT

GET
H2 200 sinopsis-romance-on-the-farmjpg-20231104113837.jpg
imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/04/ 6 KB
7 KB 59ms
39ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/04/sinopsis-romance-on-the-farmjpg-20231104113837.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cd52fe529da42ee00936b62eed815e85eb39905d74fbe23fadb298fece155bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:46:47 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 176696
etag: "af4692c5b804c879a663f39c7ed400d1fd27cdce"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 6461
x-amz-cf-id: YI9JYr7D9QuOxKhwrjQvdU1GbQ_8b_6dWtkY_SCxjFN7JaGHIGHeQw==
expires: Sun, 03 Nov 2024 15:46:47 GMT

GET
H2 200 befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/06/ 6 KB
7 KB 58ms
38ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/06/befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f9fa705edb441f1715235adf1ddbfb2887e61b60f9263465645df8f75bd84cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:56 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37367
etag: "85129c67f52d4257625738d1176eb1b0e84b96c8"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 6336
x-amz-cf-id: W8aaAzuDb1w4pD4a9NMu73OyousHy6H4OdJyE4V-ZE0A9niEwR7saQ==
expires: Tue, 05 Nov 2024 06:28:56 GMT

GET
H2 200 tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/06/ 6 KB
6 KB 55ms
36ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/11/06/tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 460d1dbc3206f0423c8555c22893a2d6e6fe6321a59dac3e3fba9f6a22f5751c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 08:52:51 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 28732
etag: "28bdb60fa1e73dd78b7925a5d08c89f7903c256f"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 6140
x-amz-cf-id: jlJgODrofl1xLwvoaPOutyjFBUBmuPpfYRrD1CYfYQW9RP0JLI1cYg==
expires: Tue, 05 Nov 2024 08:52:51 GMT

GET
H2 200 21560073_6479339jpg-20230621043918.jpg
imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/06/21/ 9 KB
9 KB 57ms
38ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/150x150/photo/2023/06/21/21560073_6479339jpg-20230621043918.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cc96a5d94b9fd891933746d77fe60cf4f3a7d45d1cab93a712ca21f331612cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 07:12:38 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 34745
etag: "513a479598dab16cc6ceb4c7f35f34d405e4071a"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 8766
x-amz-cf-id: afkl73ftQbfvybijWWobS9KFE-2_mLHF876wXieeeCjUfbD742aF8Q==
expires: Tue, 05 Nov 2024 07:12:38 GMT

GET
H2 200 1546292942.png
imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/ 24 KB
24 KB 55ms
36ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/1546292942.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3e2ca4bd374b9f895fb78ed0e11e8fca839a286756d18fbf2de61662b93886c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:53:39 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051084
etag: "f45725c2775d05472895f8dba21a62ec978cea8f"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 24523
x-amz-cf-id: vrGl8CxYCHUYJULC2RNObRVjP5r2e50pUg3kWELEoOziqIc9FEoRwg==
expires: Fri, 12 Jul 2024 08:53:39 GMT

GET
H2 200 2309018.png
imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/ 25 KB
25 KB 39ms
21ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/2309018.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cb0e8af991923ae082ece2b6ab957ffc6348cf46a74ca771c65dd433768b9c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:53:38 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051084
etag: "817f07b61a3b16c49deac63ee274b8aad77ea908"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 25614
x-amz-cf-id: 8l54_q_uOAt-LR4KRpUIQcrrlKMeoyzZ4PvaxzzwXOYn8ANfH0aBjQ==
expires: Fri, 12 Jul 2024 08:53:38 GMT

GET
H2 200 3136990969.jpg
imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/ 7 KB
7 KB 39ms
21ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/200x200/file/sonora/podcast/cover-episode/3136990969.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e86e207ff93534c44593c2f1deeef300fec21e2aee47dc1bd0a948468e91fbca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 02:00:16 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 9816687
etag: "dd66f7a1282cc6fbb3a324ac65086e64fb38fd62"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 6672
x-amz-cf-id: dfkrvtmFXeq7mLEVVw4wU2TL1XHwhs3D6RahlOwbTt67Oo6nLLRGyg==
expires: Mon, 15 Jul 2024 02:00:16 GMT

GET
H2 200 sonora.co.id.990698.js Show response
jsc.mgid.com/s/o/ 4 KB
2 KB 321ms
261ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/s/o/sonora.co.id.990698.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195b12f94e931d8e6977627aa603b05ff03092c2363ad65280ef1f4b7ac3944c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
x-amz-version-id: 4nC26lEndp1V5Mr7mJQMKjjZLzCLqLn7
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6M57K96Z5QF4FQYC
cf-polished: origSize=3923
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +CvhAWMeM1cZWBIVF4ez8To2xz3Wy4hCXzH8I0k2ZgeyzAp6yxXtwX36AsKH5PJv2EHp4NFhovc=
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 14:08:28 GMT
server: cloudflare
etag: W/"b024c3e36c4d1552c7fd6548c07369e4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 821ed7c2ab4f7692-LHR
expires: Mon, 06 Nov 2023 19:51:43 GMT

GET
H2 200 dapur-pexels-becca-tapertjpg-20231106041743.jpg
imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/11/06/ 12 KB
13 KB 55ms
38ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/11/06/dapur-pexels-becca-tapertjpg-20231106041743.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d69a9f3c08cd8956e296e270939045762240cdd0eb8c0e655c7169d16c71c336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:10 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4533
etag: "d1526cf61b4293fba433ce8604b37290daf3430d"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 12461
x-amz-cf-id: j58GZt17upe9EJ5wdaRvGmDrmhx21sY9Zx39Dd_eQSo9MacgYUWzOQ==
expires: Tue, 05 Nov 2024 15:36:10 GMT

GET
H2 200 img-20231005-wa0014jpg-20231106084621.jpg
imgx.sonora.id/crop/0x99:700x499/245x240/photo/2023/11/06/ 16 KB
17 KB 54ms
37ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x99:700x499/245x240/photo/2023/11/06/img-20231005-wa0014jpg-20231106084621.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e7e009ad2e30b1af7b136aa88198b28d8886b89eb9e37c674df0238ce41fee7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:08:48 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 49375
etag: "363dbde6d6f370d3565e5845bb614b49d636e957"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 16883
x-amz-cf-id: poP_1FAjUYmK1J8df_W_8aRpEl2NXlozHobWfxAD2F0SQto_dA3b0g==
expires: Tue, 05 Nov 2024 03:08:48 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/-2172Q1zwyE/ 58 KB
58 KB 71ms
19ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-2172Q1zwyE/sddefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eae8f99463e611b647441acd9f108472446ef9d3001a75d8465cb246df73509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59266
x-xss-protection: 0
server: sffe
etag: "1648442436"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/tSrdKM1br4o/ 58 KB
58 KB 83ms
32ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tSrdKM1br4o/sddefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a63dbfcc290b16ae588f99e103d58daf6cc0298a4c64668a182dd6bb95b83b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59061
x-xss-protection: 0
server: sffe
etag: "1649417430"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/ffMuj75wpNw/ 37 KB
37 KB 80ms
29ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ffMuj75wpNw/hqdefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637372e086c7d644857dd68c9b0dc6b893c6599561b79a6845819991ef755f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37391
x-xss-protection: 0
server: sffe
etag: "1648530668"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/LtdLIVqDF7I/ 47 KB
47 KB 101ms
50ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/LtdLIVqDF7I/hqdefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

048d5a2c34971b0f23f97baa722c619921759ac5e863412690415443be417caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47691
x-xss-protection: 0
server: sffe
etag: "1645246552"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/vJmzO80zYH4/ 66 KB
66 KB 102ms
51ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vJmzO80zYH4/sddefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2d95ba8641781c36bdb6b9f4b99e2c06c5eadad5b3f0aacbed45a6171eec5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67797
x-xss-protection: 0
server: sffe
etag: "1649990566"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/ULGC-nYePNk/ 48 KB
48 KB 49ms
44ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ULGC-nYePNk/sddefault.jpg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6028fce5a28e67f3df4c55e9d8526299b7c88fdbf48e314748729a25cef3ea23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:09 GMT
x-content-type-options: nosniff
age: 4534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49101
x-xss-protection: 0
server: sffe
etag: "1649831750"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Nov 2023 17:36:09 GMT

GET
H2 200 whatsapp-image-2023-11-01-at-22-20231101103041.jpeg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/11/01/ 24 KB
25 KB 44ms
28ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/11/01/whatsapp-image-2023-11-01-at-22-20231101103041.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1cc0e34615383b19056fa913f0304d4eb070ee353c9b339dd74dce520e064452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:39:57 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 436306
etag: "e0b9a7fcfa5f9dd065cf7e9d9a7d2f2420cbb7ab"
x-cache-status: HIT
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 25026
x-amz-cf-id: rZTHlhmADmdQUY2htDnD-RLwHP0WEygJAptdqBW8vd6pocmWPAKyIg==
expires: Thu, 31 Oct 2024 15:39:57 GMT

GET
H2 200 screenshot-2023-10-30-225826jpg-20231030105855.jpg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/30/ 27 KB
27 KB 50ms
35ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/30/screenshot-2023-10-30-225826jpg-20231030105855.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d7b399332f378a5fe89eea3ac1f4f98e1ec7c66c20a5ebe9c0a2bd16032b4666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:22:19 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 606563
etag: "6adc3d7fb6306d35b16d7bf7d7b9cd116a020708"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 27336
x-amz-cf-id: yGo0Pzr-KgMjfi1rkgBcYZOKskc9QTl6jWUxr1pW0yPfDgxObelChA==
expires: Tue, 29 Oct 2024 16:22:19 GMT

GET
H2 200 copy-of-thumbnail-600x400-1jp-20231025042336.jpg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/ 35 KB
36 KB 44ms
29ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/copy-of-thumbnail-600x400-1jp-20231025042336.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5ffabf2ab38c805e44ed6a45c706a959675441e7ad4c4dde830e2a29fddd0cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:52:05 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 910778
etag: "c66d9c9c714c4d5d8d5b1bb11754740467848f2a"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 36153
x-amz-cf-id: ndV3LvY9nLboZsXeJuaaD5lYzgTbb4hkeR-EoNaYpz6BXfK-PQlqhQ==
expires: Sat, 26 Oct 2024 03:52:05 GMT

GET
H2 200 untitled-designjpg-20231025041300.jpg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/ 21 KB
21 KB 46ms
31ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/untitled-designjpg-20231025041300.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b24d5e3a3f1e062ad3be639bed38431f876be35ad58f7287705ec9e2496ec990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 03:28:12 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 998610
etag: "c49d75e03f0ad59889f502007e5186a4518fc607"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 21304
x-amz-cf-id: wx-abluGCEHmJOiBtMfspEsYWIjKfXgTrs7KeXfkn6OfPUooaZdqnQ==
expires: Fri, 25 Oct 2024 03:28:12 GMT

GET
H2 200 untitled-design-5jpg-20231025043318.jpg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/ 21 KB
22 KB 47ms
33ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/25/untitled-design-5jpg-20231025043318.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bca9c2fd57f990729288dc6498b576327d4e75a45a9d8af2b3b07f8f2d6582d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:05:31 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 1061172
etag: "13a78ca33b55aedc3847152dc1aa8f1870ea05f1"
x-cache-status: HIT
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 21985
x-amz-cf-id: 61eQA_2cPMFPi7DFS6dh5GUmrjZ4lAW1R2F0eL9lxYV5oXOKHJu0ag==
expires: Thu, 24 Oct 2024 10:05:31 GMT

GET
H2 200 250ae026-52ae-4096-a842-8d4d3b33-20231023085727.jpeg
imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/23/ 25 KB
26 KB 48ms
34ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/327x327/photo/2023/10/23/250ae026-52ae-4096-a842-8d4d3b33-20231023085727.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3b8fc662fa369381bbe77ad9243fb62acd7ecdd264aad68c41c3127a0da3e1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 15:32:25 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 1214358
etag: "380706a5e5ec78b955f84bba9f2b102ec584f402"
x-cache-status: HIT
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 25894
x-amz-cf-id: 6WTwGEY57VSzZDVi3H14z6YzHSdGaNNCQRSIyhoUcd0sI2i5nSUZlg==
expires: Tue, 22 Oct 2024 15:32:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
77 KB 60ms
25ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NP3FL6C

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e40a578ef050b61f0e9686b388fef8160fc040da54727a3c90f4e516b014ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78202
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 istockphoto-1058540204-1024x1024-20230912113123.jpeg
imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/09/12/ 11 KB
11 KB 70ms
56ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/09/12/istockphoto-1058540204-1024x1024-20230912113123.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e047efdd60b846ea6313bc584ae40625eb0619525292579e2675acd9b90c6f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:40 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4503
etag: "462e9356db117330032b239844d20714da673415"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 10985
x-amz-cf-id: 8QPSCmxb3e2afAdarwchrdPssfPegIswiiYHm-UyxTbqjER-72ZwYA==
expires: Tue, 05 Nov 2024 15:36:40 GMT

GET
H2 200 istockphoto-1409588781-1024x1024-20230504075324.jpeg
imgx.sonora.id/crop/0x0:1024x621/245x240/photo/2023/05/04/ 9 KB
10 KB 72ms
59ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:1024x621/245x240/photo/2023/05/04/istockphoto-1409588781-1024x1024-20230504075324.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5ed7b6cf6d2a06883584be8400bcb88262dfed36c89f1d23010d599fc6742e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:10 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4533
etag: "02a36314821e9ebbc1417849b7a40ce77118e3b4"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 9618
x-amz-cf-id: rT0CxFPeHAxHSdL-WNxmI57bX4K2ZE6LhhgBalX6W2rkEEp8mTStcw==
expires: Tue, 05 Nov 2024 15:36:10 GMT

GET
H2 200 ilustrasi-guru-gubernur-kalbar-s-20231003101821.jpg
imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/10/03/ 7 KB
8 KB 74ms
61ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/10/03/ilustrasi-guru-gubernur-kalbar-s-20231003101821.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9dc31c58ee985c67762281ac8736adcf1e95d632195953531725e20607442baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:10 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4533
etag: "5033027322b0d009e8b6da238d3ae5a7eb0f6e6d"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 7609
x-amz-cf-id: PKLnJmpd1T-HIYr_G84B9YHL2YcxfwQjYJIKkb2PlxjtbP4wol3rxg==
expires: Tue, 05 Nov 2024 15:36:10 GMT

GET
H2 200 9c296370-1263-420c-b405-eb745f1c-20231106070236.jpeg
imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/11/06/ 13 KB
13 KB 77ms
63ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/245x240/photo/2023/11/06/9c296370-1263-420c-b405-eb745f1c-20231106070236.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cab8c437774fa13533ce1bcf5527b508c95e263eecb79fdd5f2a5cec5b683bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:40 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4503
etag: "51fbc562d235a6630b496a7f979a85219ef5e735"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 13196
x-amz-cf-id: aZd3PkACbUq9CMgIoNDuAmGgp_XPMXPAzOmIep1j_N2Ec8TW4GEydQ==
expires: Tue, 05 Nov 2024 15:36:40 GMT

GET
H2 200 tab-lg-sonora.png
imgx.sonora.id/file/sonora/mobile-new/images/ 13 KB
13 KB 53ms
39ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/mobile-new/images/tab-lg-sonora.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b6efbfaae36aa53ee47566894c4127095bd5e90ff1d974669b5e071ab3cfa657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:23 GMT
x-amz-version-id: iShoW4rdzkDaGvXX.pv3XDanFkHUzvU9
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Thu, 12 Dec 2019 11:27:06 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051160
etag: "aa5c3f0d5a9a6aa3c67a33c4f6c6f2f3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13353
x-amz-cf-id: Ae3H1ASjtBxlOVZdPrLF1f0YNZyPf6hAaimb_YmWClTivJQxTyvH2Q==
expires: Fri, 12 Jul 2024 08:52:23 GMT

GET
H2 200 tab-lg-motion.png
imgx.sonora.id/file/sonora/mobile-new/images/ 7 KB
8 KB 57ms
44ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/mobile-new/images/tab-lg-motion.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4e2a81fb715365b53997c031e6531c2a00efc726dbdea8f2696a436f32c3e2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:23 GMT
x-amz-version-id: I77FT8Y_AF4hNIIcQvoMVZFCqveA7LGW
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Thu, 12 Dec 2019 11:27:08 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051159
etag: "31a004cee2883c6e072390853e9326ca"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7489
x-amz-cf-id: FtzPQxuau9_dRLjKHBZNiYtIaAguqWm22fBMiaXgfhAG2OXFiTk6kg==
expires: Fri, 12 Jul 2024 08:52:23 GMT

GET
H2 200 tab-lg-ssmart.png
imgx.sonora.id/file/sonora/mobile-new/images/ 7 KB
8 KB 58ms
45ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/mobile-new/images/tab-lg-ssmart.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 55512c0405f77d449a185fde8d0446aa9db032ad6fedea57803c4364963ccd78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:23 GMT
x-amz-version-id: FdrHpsYbqgmwKiEgSzUoEOb_L2bPoPST
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Thu, 12 Dec 2019 11:27:03 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051160
etag: "6b5b6c47eba169061a99cc334ca092d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7376
x-amz-cf-id: CxfdCbn3XOefCnO4q6sH-h5GX5ubLlSTHKRMg4UE4briUwHPqbLyMA==
expires: Fri, 12 Jul 2024 08:52:23 GMT

GET
H2 200 3390436443.jpg
imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/ 2 KB
3 KB 70ms
59ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/3390436443.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: facf3d3a4ac6bcb57258383c7a817ddf250012d0b50b4a120b0f5213035d79e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:23 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051160
etag: "fe5ca02e8851d27fbef304f05a9c210f07465782"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2554
x-amz-cf-id: CB53j3bbKkWf506HLzo1L4oUsm-5juvbzoYv_Jv42IRPbb74R3nsZw==
expires: Fri, 12 Jul 2024 08:52:23 GMT

GET
H2 200 960262642.jpg
imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/ 3 KB
3 KB 56ms
46ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/960262642.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d7e0f6082fa9f501722dff1d7451cf57166644c5ea6eb17e2afd8eeca3399a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:24 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051159
etag: "9c170016b69dfb3c5e479ae9b000517b05deeb1f"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2818
x-amz-cf-id: kl01Ys5Ng4ogfGafD0d1CJSAcnyt5sv9wg0OYwTlpHt3AknM88m3_A==
expires: Fri, 12 Jul 2024 08:52:24 GMT

GET
H2 200 506333435.jpg
imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/ 3 KB
4 KB 56ms
46ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/506333435.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3eba09e329ebb1660f12f462ea9447fd160d440bf840fe943f1e6898edb74c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:23 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051160
etag: "fd3834436e043e46b427ebbb9cb7bfc280dd9aae"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 3532
x-amz-cf-id: BxVO8D6AkqKRL7Z0qGl7QqvT-SehNfGqqTsI_ziDr8vkPAc2QTbTEQ==
expires: Fri, 12 Jul 2024 08:52:23 GMT

GET
H2 200 2214997197.jpg
imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/ 3 KB
3 KB 56ms
47ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/2214997197.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 77b8df2737a1d747296997d643be5a405c272aa1f3822a2f2d8cf195a027f9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:24 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051159
etag: "cd411901ae85cf6eab358c764f4b0f65a71a153f"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 3191
x-amz-cf-id: JAUmXRZa1FMiRGGXH9j57cbgOc26MTChFEUTv2M0lfytxu3NomxIKQ==
expires: Fri, 12 Jul 2024 08:52:24 GMT

GET
H2 200 626424236.jpg
imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/ 3 KB
3 KB 57ms
48ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/100x100/file/sonora/chart/image/626424236.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c4546487f2a7651a5f230593e4406632a49d4861d90c18e807631ab845259027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:53:38 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051085
etag: "fb0faf47dd0c135806d114072ea16010193dc66f"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2908
x-amz-cf-id: 9PQYblmia8R2JczJRqD_rGnDCO37ziWL-NhX2Fxk6v39MnRGJVJh1w==
expires: Fri, 12 Jul 2024 08:53:38 GMT

GET
H2 200 olahragajpg-20231104012224.jpg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/04/ 3 KB
3 KB 71ms
62ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/04/olahragajpg-20231104012224.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7a9936e907d1486ae29caddd205b9b5d561bd5902d0ee790a83432af960d9237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:46:45 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 176698
etag: "c630f49fede1497fe99d3e863a8511612ede88e5"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2791
x-amz-cf-id: ZNiYbwd2duACIpFdQCstdWMFq1m_hvmZS1NDp6QxW6wEn7ltD_oy3Q==
expires: Sun, 03 Nov 2024 15:46:45 GMT

GET
H2 200 b21d2d4e-41c0-46c8-9ecc-0ad144f7-20231103022340.jpeg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/03/ 4 KB
4 KB 73ms
64ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/03/b21d2d4e-41c0-46c8-9ecc-0ad144f7-20231103022340.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a1635a3db21d771d13a8b0566763d96deb112fba03965f361fc26c56a45c7cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:04:45 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 287218
etag: "3bb5d60adce93577655c832b544df7deee247c0b"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 3606
x-amz-cf-id: hSSWI4dz2z2J1Qo885Flv2PkRxlNNOyGpEONdYbk3qUT4zMG3iKtOw==
expires: Sat, 02 Nov 2024 09:04:45 GMT

GET
H2 200 health-benefits-of-galangal-2000-20230918093609.jpg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/09/18/ 2 KB
3 KB 56ms
48ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/09/18/health-benefits-of-galangal-2000-20230918093609.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 510e508f7ec042f813456db9ac58c3a2639750e116a41ab9d6acb76a56bb081d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:29:03 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 408160
etag: "7931d307f69e55035603f453f9ea69e583a2735a"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2482
x-amz-cf-id: RxdyCWR2Tn8uI_fKU1kNjaRByKMV_QH0Vo-e8owCk-JFNhEJUdiEmg==
expires: Thu, 31 Oct 2024 23:29:03 GMT

GET
H2 200 heartburnjpg-20231101120523.jpg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/01/ 3 KB
3 KB 57ms
49ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/01/heartburnjpg-20231101120523.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b112593bfa75dc55bb4391dd872cf9feb1f7f92355fc47f5ba043956841d1ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:11:45 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 470398
etag: "127aca481207e128116d25c49b459e5036a4f4f9"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2724
x-amz-cf-id: VhJMarciIsc-XylPvUBWxlaKOiCZYoYxbkzQV95pW9cng0IvSacBwA==
expires: Thu, 31 Oct 2024 06:11:45 GMT

GET
H2 200 istockphoto-1409588781-1024x1024-20230504075324.jpeg
imgx.sonora.id/crop/0x0:1024x621/84x84/photo/2023/05/04/ 2 KB
3 KB 74ms
66ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:1024x621/84x84/photo/2023/05/04/istockphoto-1409588781-1024x1024-20230504075324.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 96de2614c2fd3059a93fdb5e87db045c018a13677d1286f018b3c794cb9cf130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:36:40 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 4503
etag: "89d854a3ba2066da855e23b47c7da5158ce07539"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2406
x-amz-cf-id: z11jwLG9W8C4BBUsDTADXN55jGsxwr9HGKCB00dMocS_S2oRlvUNIA==
expires: Tue, 05 Nov 2024 15:36:40 GMT

GET
H2 200 pasangan-pixabay-summerstockjpg-20231106023320.jpg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/06/ 3 KB
3 KB 70ms
62ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/06/pasangan-pixabay-summerstockjpg-20231106023320.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ef7e509360c81e98745dc1e6928bcb48533d141cc28cd7abca82bded598c21e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:23:10 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 16113
etag: "cbdeaa862786bd05b428cf063a40eb2e3129a4c3"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 2718
x-amz-cf-id: s_pm9857vXSEq7s0cmkln-OxlzVO6id2eF2sf7gfOAoN5RKDMnZK4g==
expires: Tue, 05 Nov 2024 12:23:10 GMT

GET
H2 200 wayangjpg-20230728012133.jpg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/07/28/ 3 KB
3 KB 69ms
61ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/07/28/wayangjpg-20230728012133.jpg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 456f42f314fd5aca099ff5a538a6a42a50abb6393cd628532019b857007d4d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:03:56 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 20867
etag: "4eb8b8230fbe8981521efd6a907bf9b0fd652db8"
x-cache-status: HIT
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 3008
x-amz-cf-id: Z5tFapAfZUnVA2wX2LflLevDfQpG0u8JKdFn3jdxFPIrF6Llc-c8aw==
expires: Tue, 05 Nov 2024 11:03:56 GMT

GET
H2 200 _9c8d47fc-6b4d-401e-90f6-53ad53f-20231106092649.jpeg
imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/06/ 3 KB
4 KB 70ms
63ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/84x84/photo/2023/11/06/_9c8d47fc-6b4d-401e-90f6-53ad53f-20231106092649.jpeg
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 00a52ba0d9868948662985582c602d2f073e828eee085f5468cddc01d57ee13c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:03:14 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 20909
etag: "adb6d7ba71d45386ebb9a1816567e3715208c417"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 3374
x-amz-cf-id: ghOaNYhrhvtSv3wfE-4P--x8lvt0yUsLHKIVM0Jv145nmc63sonjbQ==
expires: Tue, 05 Nov 2024 11:03:14 GMT

GET
H2 200 kgm-popup-light.min.css
imgx.sonora.id/file/sonora/desktop-new/css/ 21 KB
5 KB 39ms
18ms Stylesheet
text/css 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/css/kgm-popup-light.min.css
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 522a6fbf4dc73787f19a128312f1b3935499519014f6f61bd8b38b822220a200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 24 Jul 2024 05:12:19 GMT
date: Tue, 25 Jul 2023 05:12:19 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: 1PDaqCsqkjSRqw24d57aMTw3pScZOsxW
x-amz-cf-pop: DUS51-P3
age: 9027564
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 07d27328c5d4cd174412a7571367021040da7f87b7e0cfdf25c76cf840383a6d
x-cache: Hit from cloudfront
content-length: 4437
last-modified: Tue, 18 Jul 2023 03:35:00 GMT
server: nginx
etag: "60176792c062f9e9274b19a7b2cc8376"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: toT-0SMdsHm4FCxCudZrh-bTsyP-TPMJGSdkm4C-fEg_Oik349swjA==
x-amz-meta-s3b-last-modified: 20230718T033227Z

GET
H2 200 460x240-clean.png
imgx.sonora.id/file/sonora/ 711 B
1 KB 57ms
50ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/460x240-clean.png
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 756f7d91408734d467c10f89114da3e1cf9b9b94c30d0a9ebc61aed91a74e260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:12:36 GMT
x-amz-version-id: sJDA0y1UDA7oPiJyyXBFc7ABfYKaMFGV
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jul 2020 04:05:20 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10053547
etag: "bdd7afc2d35f0d695f226871b5725753"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 711
x-amz-cf-id: s2UFaZAgPUWc90OgNeqXz9j3kehNuZYUFyTXZKQ8u4eBJrW46HIZUQ==
expires: Fri, 12 Jul 2024 08:12:36 GMT

GET
H2 200 slick-v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/slick/ 39 KB
10 KB 58ms
51ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/slick/slick-v2.min.js?v=BKawAURM
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5edbfc91b293434268e8a8cfdb62eca0f67d28c11e180dcfe9438b968eb2de8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 30 Sep 2024 00:43:32 GMT
date: Sun, 01 Oct 2023 00:43:32 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: OkQNmqZZnpFS9pCxzOV8mZ2O3F1AVEqq
x-amz-cf-pop: DUS51-P3
age: 3168491
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a894c14ff8a7aecc5e292ea5660539c8cc564909858d823490691c1242628e97
x-cache: Hit from cloudfront
content-length: 9566
last-modified: Tue, 13 Jun 2023 07:35:43 GMT
server: nginx
etag: "fa04a7bd56a47aba6ff0a62a5895e57e"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: udxE5ULP9eUbaxs4Namcb1YEvzh-GuB4XrOWrpn0-ElkoqmFVRPVjQ==
x-amz-meta-s3b-last-modified: 20230613T073443Z

GET
H2 200 player_3.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 2 KB
1 KB 37ms
16ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/player_3.min.js?v=EyGJVdaW
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f0c3f79fc805615e46b752c294e68900e3ca6826c46db082c9e903d94298bcc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:12:06 GMT
date: Thu, 13 Jul 2023 08:12:06 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: yulIjFIPB5STjuxbcfUoo3vhqWVVUlLn
x-amz-cf-pop: DUS51-P3
age: 10053577
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c536350840b123e4e90ff164c16550cb3f031548b66af9b8d4d113da79c54406
x-cache: Hit from cloudfront
content-length: 801
last-modified: Fri, 16 Jun 2023 08:12:35 GMT
server: nginx
etag: "747fe3847a8a8689497dc92ca241667c"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tHWYlGPe5eLQKtUc1qDdvBlHSIKk4TqfFW6yNT2a4hZX6HdWZBLBrA==
x-amz-meta-s3b-last-modified: 20230616T081154Z

GET
H2 200 svgxuse-v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 3 KB
2 KB 40ms
18ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/svgxuse-v2.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 94b4083572be8dbd55c635c1702c9f192463e13c01cb7b25af3f5d8e0d454980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:18:37 GMT
date: Thu, 13 Jul 2023 08:18:37 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: kdg2hJUBm91FodGkFeKdRXI0YsP5i9Kx
x-amz-cf-pop: DUS51-P3
age: 10053186
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 700ff7edff121a9f9d2104cfd9ae73d9911320c01700de7d283b0d106b1d2c2b
x-cache: Hit from cloudfront
content-length: 1232
last-modified: Fri, 16 Jun 2023 08:14:21 GMT
server: nginx
etag: "e31209e896abfabd3c6f3a7427a9b863"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rqe0uDgWkVji4g2M3omy_bVSOHTGc23bRq93Kc0_xGxXxVyTl6j8Rw==
x-amz-meta-s3b-last-modified: 20230616T081346Z

GET
H2 200 main-v6.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 2 KB
1 KB 52ms
30ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/main-v6.min.js?v=dReKxno0
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4ce9c54dcb70bf19d93fee8de348f2dec7a3e0ad97d8cebe455c5ec6a0339158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:17:10 GMT
date: Thu, 13 Jul 2023 08:17:10 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: bCdlLs1fVuzTmlCJxNmKFF.JWDA63M3v
x-amz-cf-pop: DUS51-P3
age: 10053273
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1fdd5d6438348b88e0f2d51ae6ce1a50d8e08b3dbad93fe15a8b107d6f5f75d5
x-cache: Hit from cloudfront
content-length: 594
last-modified: Fri, 16 Jun 2023 08:53:48 GMT
server: nginx
etag: "54c623509a282d637c704773ed9393e7"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EUNFfiJkza2pPsRF0F6OgZLDiG6alzPx2TK4DjZy5mTPrbeeQyInLg==
x-amz-meta-s3b-last-modified: 20230616T085315Z

GET
H2 200 bootstrap.js Show response
cdn.jsdelivr.net/bootstrap/3.3.5/js/ 67 KB
15 KB 86ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.5/js/bootstrap.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16797115
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA, cache-yyz4573-YYZ
server: cloudflare
etag: W/"10d1a-u/VeIPHrtjaFInmfKds5gwoI75M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWlQyaesv%2F0O90sG6a%2BKn9uD6P%2FRop5EEduftwadEnjwnhLhwcjxIlT1ZFJBhqFZcYsj1zgnJdd1jolBFPYd87HGppVhcAKgFwSIzDKFj3fKlZJRkkI%2BW4MT4RHxjIxtj6yUJ1lbfgF7e6bnyDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 821ed7c28eb43611-FRA

GET
H2 200 lozad-v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 2 KB
2 KB 38ms
17ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/lozad-v2.min.js?v=3Vwq8QTd
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b9d286e34f4966c9930d0bcd7d32e4f80e0e9b45ba493d3f71e5ff695ab7d92c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:12:09 GMT
date: Thu, 13 Jul 2023 08:12:09 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: urpAmcI5.a90SBqV04ndPPp_5qYglKgq
x-amz-cf-pop: DUS51-P3
age: 10053574
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c2eee009dbd3d733ffc2fcb89fc976c99191d27c1d7fa2ab8c3b407e6df8da0f
x-cache: Hit from cloudfront
content-length: 990
last-modified: Fri, 16 Jun 2023 08:55:56 GMT
server: nginx
etag: "fe9c6877761df2b22a84071cd23840df"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rKFLmftPFhyHoR5qdZzLSlbRZWw2GOjcoORflM9vZCfWcYFbitB_nw==
x-amz-meta-s3b-last-modified: 20230616T085515Z

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.6/ 34 KB
35 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:29:48 GMT
x-content-type-options: nosniff
age: 274915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34844
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 12:29:48 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.6/ 35 KB
10 KB 60ms
18ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 02:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10096
x-xss-protection: 0
last-modified: Thu, 25 Oct 2018 20:51:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 02:34:26 GMT

GET
H2 200 sonora-v2.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 2 KB
2 KB 63ms
57ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/sonora-v2.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2f0ff421483b77fecc74c406b4587fa3c2f2a28319b6362f6bb003e69454f48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 12 Jul 2024 08:18:38 GMT
date: Thu, 13 Jul 2023 08:18:38 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: 61MF9ZwTf3eR7re9w9OTerQOxwiDbWNK
x-amz-cf-pop: DUS51-P3
age: 10053185
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1ea2f86bf3d8c44eb65de8c2fa5b636be683a1a71d69a45857c6db37961aa1ce
x-cache: Hit from cloudfront
content-length: 1075
last-modified: Fri, 16 Jun 2023 08:57:35 GMT
server: nginx
etag: "58e58e6710dbf7f4938d470e8f8914d8"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8N4HWkWTCI7YZNTAF1GXaTUh9JTwiVFAwy3susGBpOmAeDBkaGIBxA==
x-amz-meta-s3b-last-modified: 20230616T085701Z

GET
H2 200 general.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 948 B
1 KB 40ms
19ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/general.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b663da6a9b1ab55ee08a0b6c094da7b43d045493c9263b7bb15d1c53d57300e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:12:36 GMT
x-amz-version-id: null
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Wed, 07 Aug 2019 10:24:32 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10053547
etag: "6ba607374b927ef78af4c234998482b9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 948
x-amz-cf-id: T7cmjX23AogF2mWJjAtsev23xoTBh4IeI__L2W8m1GiKNQmX9nOjOg==
expires: Fri, 12 Jul 2024 08:12:36 GMT

GET
H2 200 sso_g_signin_v10.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 14 KB
5 KB 64ms
57ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/sso_g_signin_v10.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 079631c1fe46563971edbb7b9955f112b5f9a699f0131fb9ca37a5201b44dee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Sep 2024 03:27:23 GMT
date: Mon, 04 Sep 2023 03:27:23 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: ENm.AmVO8Pczxu8wxGkEASwftF2O0YBr
x-amz-cf-pop: DUS51-P3
age: 5491460
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c0e0367e2d41481dd40b9b64648f3eefd2893bdc4e427b4140a699bb7d0f3b12
x-cache: Hit from cloudfront
content-length: 4583
last-modified: Mon, 04 Sep 2023 03:07:51 GMT
server: nginx
etag: "6d177d2a984a683d8114da0d7ff106e7"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ICn-idrEfgf_aBrySMn5aHbLZcUGyWzI4zHc562dK183hzgLMigK-Q==
x-amz-meta-s3b-last-modified: 20230904T025844Z

GET
H2 200 sso_personalisasi_nk.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 10 KB
4 KB 65ms
58ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/sso_personalisasi_nk.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: cf7fa00b9e1d696bce006b3a599f03086f44987c6b19b4dda8063c69a403df25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 06 Sep 2024 07:36:36 GMT
date: Thu, 07 Sep 2023 07:36:36 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: mjavpXPEpyBTqKP1R_Qa61hjjuZugb.j
x-amz-cf-pop: DUS51-P3
age: 5217307
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: e9d3fb10a30b50046288eafdab62ba38b8d9e848abfb128c622c80e148a9531a
x-cache: Hit from cloudfront
content-length: 3480
last-modified: Thu, 07 Sep 2023 06:49:52 GMT
server: nginx
etag: "77012640b9def17559319ec8d7f65c77"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wGyGW1g3L-UCwtIa_F7HYIXLChACeaSsZhx84LPaqG0nQy5Kdk_SQA==
x-amz-meta-s3b-last-modified: 20230907T064845Z

GET
H2 200 extender_v4.min.js Show response
imgx.sonora.id/file/sonora/desktop-new/js/ 5 KB
3 KB 64ms
58ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/js/extender_v4.min.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5e212f9be2fcc03a0553b54beb6816b8b900357923b1c62a5f2cddf805671d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Sep 2024 03:27:23 GMT
date: Mon, 04 Sep 2023 03:27:23 GMT
content-encoding: gzip
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
x-amz-version-id: zw7uERzQEQ.YJ4jrL8LTF0NCHiW_EELi
x-amz-cf-pop: DUS51-P3
age: 5491460
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1f4349cec736ce8fb5dd6f35e116cbfba159dee26c87a04b25b672c79b51548a
x-cache: Hit from cloudfront
content-length: 2109
last-modified: Mon, 04 Sep 2023 03:07:36 GMT
server: nginx
etag: "82bd917dd6f1458d92f26596465b4cb6"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6ouSX6lffOyX-f2PzFhJvqV53Vs7_y37hOibnAFXS6r_lDcpYNLXhA==
x-amz-meta-s3b-last-modified: 20230904T025936Z

GET
H2 200 pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
10 KB 60ms
19ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfedw.ttf

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 23:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10577
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:50:51 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c1e225741a0555d113b441a6de8114fc1a2d9d18e125a751ed6ebf25f025f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
11 KB 57ms
16ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10630
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Nov 2024 15:15:51 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 15 KB
10 KB 58ms
17ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10455
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Nov 2024 15:15:52 GMT

GET
H2 200 footer-desk.png
imgx.sonora.id/file/sonora/desktop-new/images/ 26 KB
27 KB 33ms
29ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/images/footer-desk.png
Requested by: Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c46c67561e592db6a8319a1304842bfe7c332980ab022d769c158a09c2802287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:22:00 GMT
x-amz-version-id: null
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Wed, 07 Aug 2019 10:23:53 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10052983
etag: "4433f067df6e01a35f981e53207adb5b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26874
x-amz-cf-id: cfSVodWfhHTNVHLg8dqYpJNPWDN9IHFE3ShqFIcWLUXLpPIpeIYfDQ==
expires: Fri, 12 Jul 2024 08:22:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
767 B 51ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/css/kgm-popup-light.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgx.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:14:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 425 KB
133 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12682
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136288
x-xss-protection: 0
server: cafe
etag: 17302374607849014435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 13:20:21 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 100ms
39ms Script
text/javascript 2600:9000:243d:b400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:b400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 06 Nov 2023 05:14:56 GMT
Via: 1.1 6dfd389c138f0c3d4626295090bb3362.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P4
Age: 42461
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 01zheMX_WWq88Tw38GMF6DeNySRL4fGIJbKq8Fh0pzRRXt6exYjZ9w==

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 96ms
36ms Script
application/javascript 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/js/sso_g_signin_v10.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f11d0190d676c1a0772b71b30549e6b2566646cd65dd572f43a9cccb90f99a4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ylNzysc0GNBNw4-4aTuOxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-ylNzysc0GNBNw4-4aTuOxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XH5C7P2HT9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NP3FL6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de0a9bf9c2b2bfb5addc32902d7d7f4d54c18b074a44ca78df939a59d5a0c419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FD3BG3FW9T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NP3FL6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e955cd5d289a0aef6e4c9b76cc3584a992f77e4ced9bd971f269b7c70f7f435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 343ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NP3FL6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 15:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 Nov 2023 17:51:32 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.5.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

7 KB
3 KB

41ms
40ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 566343
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE1WMQCQTBFQ21VG7P9497H5-fra
server: cloudflare
etag: W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 821ed7c5df3c047a-FRA

Redirect headers

date: Mon, 06 Nov 2023 16:51:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HEJRDNC9TTYFWN612A09D1Z9-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 344
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.5.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 821ed7c5bf00047a-FRA

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.1/dist/ 4 KB
2 KB 338ms
19ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NP3FL6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 24656227
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT83ND0JF3P4Q0SK29TV83G8
server: cloudflare
etag: W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 821ed7c5bf03047a-FRA

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 354ms
31ms Image
text/plain 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1699289503305&ns_c=UTF-8&c8=Sonora.id&c7=https%3A%2F%2Fwww.sonora.id%2F&c9=
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: nGzmIcjkIj0GaCSYaRPrgSj3s8HfS34LRtvD3JJKDTYy8x33tXx1wg==
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 756 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48f09d6e66321503e98a491c2d2e6cf2e052fe903b37c6ce66c1f92c3c6cca97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 w-radio.jpg
imgx.sonora.id/file/sonora/desktop-new/images/ 30 KB
31 KB 18ms
16ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/images/w-radio.jpg
Requested by: Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ddecf48c7543346caf5a898adf0c24e98432e376bdabc919234aeaa6899bcfc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:22:00 GMT
x-amz-version-id: null
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 07:44:34 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10052983
etag: "39258f679836bb844dd334a69ab709a7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31133
x-amz-cf-id: PlEwhW1LKqAjwNCrG8k3eqoxbIkL_rZjTKCPUr8p0LNRFixTB7jjpg==
expires: Fri, 12 Jul 2024 08:22:00 GMT

GET
H2 200 play.png
imgx.sonora.id/file/sonora/desktop-new/images/ 1 KB
2 KB 17ms
16ms Image
image/png 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/file/sonora/desktop-new/images/play.png
Requested by: Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 67cd18a7fda508e2078d2cdaf3ebc292d4bfa8add9e8f312804d384151655d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=HqtaDASK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:52:26 GMT
x-amz-version-id: null
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 07:45:32 GMT
server: nginx
x-amz-cf-pop: DUS51-P3
age: 10051157
etag: "7cbca2d7b3434148ab49c6bbbd35a3f1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1507
x-amz-cf-id: Wt42Y-UPCJ0A6WvU5U-dmS7Dv3y6ALa86P8OKcOoIp11WvI2se84sg==
expires: Fri, 12 Jul 2024 08:52:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 221ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XH5C7P2HT9&gtm=45je3b11v884848702z8812598146&_p=1699289502983&_gaz=1&gcd=11l1l1l1l1&cid=1436982439.1699289503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699289503&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonora.id%2F&dt=Sonora.id&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Artikel%20ID=&ep.Penulis=Sonora.id&ep.Editor=&ep.Jumlah%20Kata%20Artikel=&ep.Kategori%20Artikel=Home&ep.PublishedDate=&ep.Site%20Name=Sonora&ep.SitelD=42&ep.Source%20Artikel=&ep.Subkategori%20Artikel=&ep.Tag%20Artikel=Berita%20Terkini%2C%20Berita%20lalulintas%2C%20Fengshui%20Harian%2C%20Tips%20Bisnis%2C%20Berita%20Shobiz%2C%20Berita%20kesehatan%2C%20motivasi%2C%20Berita%20otomotif%2C%20Info%20Terkini&ep.Tipe%20Artikel=Standard&ep.Title%20Artikel=Sonora.id&ep.Liputan%20Khusus=&tfd=598
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XH5C7P2HT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 230ms
30ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XH5C7P2HT9&cid=1436982439.1699289503&gtm=45je3b11v884848702z8812598146&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XH5C7P2HT9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 255ms
56ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XH5C7P2HT9&cid=1436982439.1699289503&gtm=45je3b11v884848702z8812598146&aip=1&z=961802600

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 41ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FD3BG3FW9T&gtm=45je3b11v874954070z8812598146&_p=1699289502983&_gaz=1&gcd=11l1l1l1l1&cid=1436982439.1699289503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699289503&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonora.id%2F&dt=Sonora.id&en=page_view&_fv=1&_ss=1&tfd=623
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD3BG3FW9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 41ms
40ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FD3BG3FW9T&cid=1436982439.1699289503&gtm=45je3b11v874954070z8812598146&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD3BG3FW9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FD3BG3FW9T&cid=1436982439.1699289503&gtm=45je3b11v874954070z8812598146&aip=1&z=124806340

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sonora.co.id.990698.es6.js Show response
jsc.mgid.com/s/o/ 311 KB
93 KB 226ms
226ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7d92b3065937b7a9a10128d93b11b9696f9abdb50ee6d82c75622fc5194e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
x-amz-version-id: rwvEycDoCubkqDyNm0qYDFPh2nDpBjo7
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NF4T3Z4PXKFW4EBB
cf-polished: origSize=318901
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: buC/H4g+XNI7Vq4poH6eFqacXNDWOuvalK0FIdab0sQn/yV6p9lheoQnnpC7YhxpK6MIrZ719mE=
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 14:08:28 GMT
server: cloudflare
etag: W/"6cf540ba3b8c361ddf992709c6329427"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 821ed7c4bde57692-LHR
expires: Mon, 06 Nov 2023 19:51:43 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-JjWDxLnk5CXyOWR8A_mw4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-JjWDxLnk5CXyOWR8A_mw4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 24ms
23ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=580494648&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonora.id%2F&dp=%2F%2F%2F%2F&ul=en-us&de=UTF-8&dt=Sonora.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=1317668380&gjid=1670120695&cid=1436982439.1699289503&tid=UA-93462315-13&_gid=1305184677.1699289504&_slc=1&gtm=45He3b11n81NP3FL6Cv812598146&cd1=Home&cd2=&cd3=Indonesia&cd4=Sonora.id&cd5=&cd6=&cd7=Standard&cd8=&cd9=&cd10=&cd11=Berita%20Terkini%2C%20Berita%20lalulintas%2C%20Fengshui%20Harian%2C%20Tips%20Bisnis%2C%20Berita%20Shobiz%2C%20Berita%20kesehatan%2C%20motivasi%2C%20Berita%20otomotif%2C%20Info%20Terkini&cd12=&cd13=Sonora&cd16=&cd17=&cd18=42&gcd=11l1l1l1l1&cd30=1436982439.1699289503&z=620926880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93462315-13&cid=1436982439.1699289503&jid=1317668380&gjid=1670120695&_gid=1305184677.1699289504&_u=YCDAgEABAAAAAGAEK~&z=1768120456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Nov 2023 16:51:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
438 B 79ms
18ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 floorprebidclient-121023.json Show response
adsimg.kompas.com/html5/prebid/sonora/ 154 B
582 B 39ms
20ms Fetch
application/json 138.113.147.185
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://adsimg.kompas.com/html5/prebid/sonora/floorprebidclient-121023.json
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: nginx /
Resource Hash: 20271545b2cc5ae84e71b290a18330b8d362d8e6b6f033f7f3e7eafa406c6fd6

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
via: 1.1 1552ec44a4dff59a6288644bee85e4a8.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 10:01:06 GMT
server: nginx
x-amz-cf-pop: NRT51-C2
age: 1
etag: "6527c3e2-9a"
x-ws-request-id: 6549199f_PSdgflkfFRA2lp71_38398-47550
content-type: application/json
access-control-allow-origin: *
x-via: 1.1 PSrbJP1tu67:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:18 (Cdn Cache Server V2.0)
accept-ranges: bytes
content-length: 154
x-amz-cf-id: nmi11jXYSanRCF_WUaZvyUL-46xKvvnTPhVHOhSYYNGG8mhk4JmLow==

POST
H2 200 hbpost Show response
hb.jixie.io/v2/ 62 B
769 B 894ms
495ms Fetch
application/json 43.129.34.148
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.jixie.io/v2/hbpost

Requested by

Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.148 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

c8d4bbc38eca000e5c5a89c8cfce2624f92b7431529900ac9402f8c593f82f2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
content-encoding: gzip
etag: W/"3e-U2g8o3yBExD/cwzGAhfh2lPb9+o"
x-frame-options: Deny
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1
expires: -1

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
168 B 313ms
180ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
last-modified: Mon, 06 Nov 2023 16:51:44 GMT
x-yandex-req-id: 1699289503963623-1333705082474924917000239-production-app-host-sas-pcode-550
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:44 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
236 B 274ms
141ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
last-modified: Mon, 06 Nov 2023 16:51:44 GMT
x-yandex-req-id: 1699289503964067-104052432756245850200287-production-app-host-sas-pcode-127
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:44 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
166 B 273ms
140ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
last-modified: Mon, 06 Nov 2023 16:51:43 GMT
x-yandex-req-id: 1699289503965575-1093245366729837077800324-production-app-host-vla-pcode-146
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
168 B 279ms
147ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
last-modified: Mon, 06 Nov 2023 16:51:44 GMT
x-yandex-req-id: 1699289503964825-1239822602895322085600301-production-app-host-vla-pcode-518
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:44 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
168 B 278ms
146ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
last-modified: Mon, 06 Nov 2023 16:51:44 GMT
x-yandex-req-id: 1699289503965464-605322285006275568500373-production-app-host-vla-pcode-333
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:44 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
168 B 264ms
133ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
last-modified: Mon, 06 Nov 2023 16:51:43 GMT
x-yandex-req-id: 1699289503963343-134384563926866962800297-production-app-host-vla-pcode-331
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
441 B 253ms
122ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
last-modified: Mon, 06 Nov 2023 16:51:43 GMT
x-yandex-req-id: 1699289503962156-1837011868708704761100286-production-app-host-vla-pcode-357
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 204 2392263 Show response
bs.yandex.ru/prebid/ 0
168 B 268ms
138ms Fetch
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2392263?imp-id=1&target-ref=www.sonora.id&ssp-id=10500&ssp-cur=USD
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
last-modified: Mon, 06 Nov 2023 16:51:43 GMT
x-yandex-req-id: 1699289503962569-708538432358430375800170-production-app-host-vla-pcode-298
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.sonora.id
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 148ms
113ms Fetch
application/json 3.74.50.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.18.0&referrer=https%3A%2F%2Fwww.sonora.id%2F&tmax=2000

Requested by

Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.74.50.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
129 B 46ms
19ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 981c6b07af25c255168cb3d6437a3270a73c2f4d201fbf6fea2685ae7d4c5005

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
248 B 45ms
18ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 98f954e7800642205e2617e1052c1f0eff5d93ade8eff534b8ad7a3616ce0809

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
335 B 115ms
21ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
555 B 206ms
112ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
335 B 113ms
20ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
335 B 116ms
23ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
335 B 116ms
23ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 0
335 B 116ms
23ms Fetch
application/json 81.17.55.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
176 B 507ms
171ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:44 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 114ms
78ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=450359
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea29cedb42034202cd6a87c82c0e31bc569257106f052859698d86c1364e580f

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa0AlNg%2BzOBgWm2FA83epLSQBbmWXNqu%2FeCDA%2Bh97rHPoKcHlOPsn1uSaBtyiiPK5PhymnkoUmdYZNvkSMC8Bmp8VHRdY%2F59eRQ%2FkcoMnzsAsdC%2BUGCVnNmnTSamdC3gyf16R50q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 821ed7c6db681e52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 104ms
68ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=450359
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea29cedb42034202cd6a87c82c0e31bc569257106f052859698d86c1364e580f

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpOp270fw4t5aHZEdrXRuJYcRNY8ExWM4wJJqMgXxqAEFwOgNAuuCrFgsWIZwcQCcAf7gTNKoFIeo4u80kjecLHJLhnJJhPeyBfsI6aoAcyKM6cF6FxW2Xzj8Gu3wRnhLXYDnB%2FK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 821ed7c6db651e52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
619 B 132ms
46ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503775&to=-60&aun=div-gpt-ad-head-banner&tdid=&gpid=1000095-A9QYrnyFw8&t=fdcalujo&pi=3&maxw=970&maxh=250&si=986732&bf=970x90%2C728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4ef19840e6c9c893550e11abe3de658e2fa437270d2b22a53f4704d1faa58c52

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
620 B 153ms
67ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-gpt-ad-head-banner&tdid=&gpid=1000095-A9QYrnyFw8&t=fdcalujo&pi=3&maxw=970&maxh=250&si=986733&bf=970x90%2C728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1616587502f3157136bf04fdfc60e3c8035662bc55cf4d632b3c9f1e0e30583

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
617 B 153ms
66ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-gpt-ad-head-banner&tdid=&gpid=1000095-A9QYrnyFw8&t=fdcalujo&pi=3&maxw=970&maxh=250&si=986733&bf=970x90%2C728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7f42bc84d36d1e8cae0281bed43f777e557c262d267e98d57597936721b511c0

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
620 B 130ms
44ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-gpt-ad-giant&tdid=&gpid=1000095-IqArTJ0Bui&t=fdcalujo&pi=3&maxw=300&maxh=600&si=986735&bf=300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3456dc81c0129f9b4ebe8a04667110992cbb1c8c1ff6784723528f64b20fa82a

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
619 B 150ms
64ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-gpt-ad-MR3&tdid=&gpid=1000095-a0ZKNiGNGF&t=fdcalujo&pi=3&maxw=300&maxh=250&si=986736&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 863402490bc3676ecb6de7dd3abfb74af81985c05691efb1f9a201498b49f78e

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
618 B 131ms
45ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-gpt-ad-bottom-frame&tdid=&gpid=1000095-b4MxPBLvZm&t=fdcalujo&pi=3&maxw=1100&maxh=50&si=986739&bf=468x60%2C1100x50&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf915bcbf546788b14cbe416eebf1829aa8aa9b593c26ef8ac7cfb9673d9d27e

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
620 B 132ms
46ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503776&to=-60&aun=div-Inside-MediumRectangle&tdid=&gpid=1000095-pgcYU6x8Zx&t=fdcalujo&pi=3&maxw=300&maxh=250&si=986737&bf=300x250%2C300x100&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c337a53788470ecffbd05b567caa326760b4b6322c7162c40deaef6f1749f759

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 353 B
619 B 151ms
66ms Fetch
application/json 54.220.165.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1699289503777&to=-60&aun=div-gpt-ad-skyscrapper&tdid=&gpid=1000095-U1hEhsiPpM&t=fdcalujo&pi=3&maxw=160&maxh=600&si=986738&bf=160x600%2C120x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonora.id%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.18.0%22%7D&ogu=https%3A%2F%2Fwww.sonora.id%2F&ns=10240
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 135394fa3014749dd6b74997d90d13a4568d5bb2d7c9ed2fa474877ad5100427

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sonora.id
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 350 B
691 B 265ms
154ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434112&zone_id=2484494&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-A9QYrnyFw8&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=77207f5650ec64&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b592773e-be5c-4bd5-8a3e-e7e95ffb00fe&rp_maxbids=1&p_gpid=1000095-A9QYrnyFw8&slots=1&rand=0.2026476445396701
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 669c5590d5df7c4402e1d28fad7a586de4f7c0d2dd45a2823b7c50f215dc6b5b

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 350
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
668 B 230ms
120ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434112&zone_id=2484496&size_id=10&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-IqArTJ0Bui&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=7818851536d9413&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ccd01f0a-445b-4531-82df-476ccf4cb6a2&rp_maxbids=1&p_gpid=1000095-IqArTJ0Bui&slots=1&rand=0.01065474339439243
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fccd14c4247e5f4427fbefa7d856ddc9b99fd895a18c48ef3f643ee67c83c24d

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 328
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
842 B 209ms
99ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434112&zone_id=2484498&size_id=15&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-a0ZKNiGNGF&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=790d1ee86bc96ee&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6c225165-5caa-4b88-97ea-3fc567f89431&rp_maxbids=1&p_gpid=1000095-a0ZKNiGNGF&slots=1&rand=0.6538930638914886
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 657322526fc230132d37f8c19daa8253c28fd07f3e9bd2c79f27d6c535c71295

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 328
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
668 B 229ms
119ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434112&zone_id=2484500&size_id=15&alt_size_ids=19&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-pgcYU6x8Zx&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=80d96ad999e25c1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=24f69b8b-c439-4638-9a61-e56ced47e5da&rp_maxbids=1&p_gpid=1000095-pgcYU6x8Zx&slots=1&rand=0.5592994889918779
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 80076c8128ba70e888a80aae8ee7d822e6e12c179ace9a5ada9b48bf85112680

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 328
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
691 B 231ms
121ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=478104&zone_id=2838734&size_id=8&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-q1k7vd79Hb&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=81c7156626c27bb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4c41e002-ae6c-428c-845d-ae287cc7d224&rp_maxbids=1&p_gpid=1000095-q1k7vd79Hb&slots=1&rand=0.8598666137184705
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: af6aeb41cbb2f95fe10b13f79a4a988bee56874536aebda90c90fd0e3275e9fc

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 327
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
667 B 236ms
126ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=478108&zone_id=2838752&size_id=8&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-J0Lx5yPbeB&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=82ea41e3e87ca6b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=78c2b1e1-d051-422b-837b-dce04fcfef7e&rp_maxbids=1&p_gpid=1000095-J0Lx5yPbeB&slots=1&rand=0.4145840672653127
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 897a836a152c9cde8774ffbd7c3be36e5162b4e3440fd0013eeb6cf62b4a872b

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 327
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 346 B
686 B 235ms
126ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=478110&zone_id=2838756&size_id=9&alt_size_ids=8&rf=https%3A%2F%2Fwww.sonora.id%2F&kw=BeritaTerkini%2CBeritalalulintas%2CFengshuiHarian%2CTipsBisnis%2CBeritaShobiz%2CBeritakesehatan%2Cmotivasi%2CBeritaotomotif%2CInfoTerkini&tg_i.domain=sonora.id&tg_i.page=https%3A%2F%2Fwww.sonora.id%2F&tg_i.pbadslot=1000095-U1hEhsiPpM&tk_flint=pbjs_lite_v8.18.0&x_source.tid=38af8934-88a7-4519-a836-8548434aec17&l_pb_bid_id=8330ee563b758ac&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=89436e73-e276-43e9-9f3e-fa29c3ff503c&rp_maxbids=1&p_gpid=1000095-U1hEhsiPpM&slots=1&rand=0.25576006969503884
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3856f4fe3c2840b0da44e57794aff5ba9e27b5fd326b1119c89895ea231a9005

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 346
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
380 B 106ms
59ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
367 B 95ms
25ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK 1ab0a2a3-4d53-466d-b84a-54e20ba63072
https://www.sonora.id/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sonora.id/1ab0a2a3-4d53-466d-b84a-54e20ba63072
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK e4fbd979-7359-46ad-b2bf-3283958f05ee
https://www.sonora.id/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sonora.id/e4fbd979-7359-46ad-b2bf-3283958f05ee
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
115 B 59ms
40ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.sonora.id%2F&cbuster=1699289503820233437843&pvid=18ba58c184b9c8bda6e&implVersion=11&cxurl=https%3A%2F%2Fwww.sonora.id%2F&site=559595&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 821ed7c7085e7692-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 19ms
18ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=580494648&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonora.id%2F&ul=en-us&de=UTF-8&dt=Sonora.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCAGAEK~&jid=1846343079&gjid=1909761077&cid=1436982439.1699289503&tid=UA-93462315-18&_gid=1305184677.1699289504&_r=1&_slc=1&gtm=45He3b11n81NP3FL6Cv812598146&cd1=Home&cd2=&cd3=Berita%20Terkini%2C%20Berita%20lalulintas%2C%20Fengshui%20Harian%2C%20Tips%20Bisnis%2C%20Berita%20Shobiz%2C%20Berita%20kesehatan%2C%20motivasi%2C%20Berita%20otomotif%2C%20Info%20Terkini&cd4=Sonora.id&cd5=&cd6=&cd7=&cd8=Standard&cd9=&cd10=&cd12=Sonora.id&cd14=&cd15=&cd16=&cd17=&cd23=&gcd=11l1l1l1l1&cd19=0&cd24=Berita%20Terkini%2C%20Berita%20lalulintas%2C%20Fengshui%20Harian%2C%20Tips%20Bisnis%2C%20Berita%20Shobiz%2C%20Berita%20kesehatan%2C%20motivasi%2C%20Berita%20otomotif%2C%20Info%20Terkini&cd29=42&z=1459390265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 22 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:11:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
665 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:57:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:43 GMT

GET
H3 200 css2
fonts.googleapis.com/ 4 KB
538 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:19:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:43 GMT

POST
H2 200 newidgen Show response
tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/ 224 B
681 B 750ms
249ms Fetch
application/json 54.251.181.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/newidgen

Requested by

Host: kgdata-cdn.s3.ap-southeast-1.amazonaws.com
URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/sonora/oval_web_analytics_latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.251.181.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

cc2cc7100f193c7b9d192602ef1e101d953da77d2fbe324143ae5354468df8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 224
vary: Origin
content-type: application/json; charset=UTF-8

OPTIONS
H2 204 newidgen
tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/ Frame 0
0 862ms
248ms Preflight 54.251.181.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/newidgen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.251.181.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sonora.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-origin: https://www.sonora.id
allow: OPTIONS, GET, POST
date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
BLOB 206
Partial Content d3f3389e-f318-419e-b724-6960915f0c1f
https://www.sonora.id/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sonora.id/d3f3389e-f318-419e-b724-6960915f0c1f
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 292586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 07:35:17 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:02:00 GMT
x-content-type-options: nosniff
age: 604183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 17:02:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 405791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 00:08:32 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 58ms
42ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: V6T0XPEVQBQZVWF0
age: 3164
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WPV4YywY9IwenylfwDsGSwUoHoTNfJjEYjREE2btQsU0bJ/vR2YY879MCv2hzrmar6xKdmjH3ZE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821ed7c83a257692-LHR
expires: Tue, 07 Nov 2023 16:51:44 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
910 B 52ms
36ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7K0VMVKJPFTR7CFR
age: 3825
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rColIHerJj5PXGvbvrVNMeEUTVq34RvLF2O226pQO5v0dn3HsOibOj8lKF1IJpUldw3huBWXS/A=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821ed7c83a2b7692-LHR
expires: Tue, 07 Nov 2023 16:51:44 GMT

GET
H2 200 1 Show response
servicer.mgid.com/990698/ 2 KB
1 KB 122ms
104ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/990698/1?mp4=1&ap=1&w=700&h=152&sz=693x124&szp=1&szl=1&cols=1&sessionId=654919a0-11fc3&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.sonora.id%2F&cbuster=1699289504063658448412&pvid=18ba58c184b9c8bda6e&implVersion=11&cxurl=https%3A%2F%2Fwww.sonora.id%2F&scum=%3F0&scuw=%3F0&uniqId=06c97&niet=4g&nisd=false&pv=5&lct=1698883200&jsv=es6&pageView=1&dpr=1&ref=&tfre=1101

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0da38f43fa73e7bf4f78b9d387519971bfb8146ef867db97bc643d58b13dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 821ed7c89b167692-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvNzc2MjI2L2NmYzM4N...
s-img.mgid.com/g/16840762/328x328/-/ 15 KB
16 KB 300ms
235ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16840762/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvNzc2MjI2L2NmYzM4N2FlNTc3OTZkYWFhNzJkNzFkNzM0YjkyMTk4LmpwZWc.webp?v=1699289504-jym3yMYIBcEcwyqpJhisPCMNwod0sJI7Qngnz8mASb4

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d239c1b42a2d3a3ffd0535c3945313fc8ec596eceab17eda303e0d82860f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.sonora.id/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 10:20:03 GMT
x-mg-request-uuid: f27bbb4a-7ae2-4764-b53d-7a5bc1f93d4f
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 821ed7c9a905653a-LHR
content-length: 15646
alt-svc: h3=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 62ms
43ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=1699289504203778718948

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 821ed7c96c937692-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 842D 0
104 B 37ms
36ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i-noref.js?cbuster=1699289504208996375797

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 821ed7c96c8f7692-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
31 KB 45ms
23ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 12:11:14 GMT
server: cloudflare
x-amz-request-id: 8AJTDSEENN6T1XPE
age: 1262
etag: W/"6ce75de2ac970b38b3610ecd0ccc9b5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 821ed7c989875d48-FRA
x-amz-id-2: YD872Kwfm2fwDcG6a+qWNhT+v0YmiT0MYnFGmhVZMnGzS1VNlUSux3Yu8gtpInPZBxlOZN4AThU=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 97ms
68ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/o/sonora.co.id.990698.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=49684
accept-ranges: bytes
content-length: 63913
expires: Tue, 07 Nov 2023 06:39:48 GMT

GET
H2 200 loaduser Show response
traid.jixie.io/api/ 2 B
393 B 545ms
178ms XHR
application/json 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/api/loaduser?accountid=So95y1GEi

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
content-encoding: gzip
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, Accept-Encoding
x-frame-options: Deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
access-control-allow-credentials: true
x-xss-protection: 1

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 48ms
48ms XHR
application/json 2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=264913023582-lpd1a8ig4b67oo7s1uocdmjq8hva6akk.apps.googleusercontent.com&as=fu2Je9NeTjobMJ8Oed3p7A

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f251a4aad9a47baf0f3165cc8e27bfc26d95636379e8954acda6110de749825

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-umuJ7b3KdtohLQFU9ct16w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-umuJ7b3KdtohLQFU9ct16w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 symbol-defs.svg Show response
asset-a.grid.id/file/sonora/desktop-new/js/ 12 KB
13 KB 94ms
29ms XHR
application/octet-stream 18.173.233.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset-a.grid.id/file/sonora/desktop-new/js/symbol-defs.svg
Requested by: Host: imgx.sonora.id
URL: https://imgx.sonora.id/file/sonora/desktop-new/js/svgxuse-v2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-103.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6334fbd395d918031eb0b8d8bef86c076323586a9549f9d5429a407f311acc86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 20:34:40 GMT
x-amz-version-id: null
via: 1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 4911424
x-cache: Hit from cloudfront
content-length: 12669
last-modified: Wed, 07 Aug 2019 10:23:53 GMT
server: nginx
etag: "18dd745013101086db6567e7e3bb60c0"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin
accept-ranges: bytes
x-amz-cf-id: SlWaABxc08I_t-wiUEIHDgW4mUmNdmtUeLWPopkQ6cB1DApGsjTqGA==
expires: Mon, 09 Sep 2024 20:34:40 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/8077308/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

15ms
15ms

Script
application/javascript

18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 04:42:19 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 44936
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: ovWT1UU6xUCTs2wb08F_okqgMBSr06zHCWaX5Lqx1vlWB8zxI7Cn0Q==

Redirect headers

date: Mon, 06 Nov 2023 16:51:44 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: GxUb_qZmCBb8wMF959Dsqli6fAEj11CO3o33-Ej0wT4S38R4EZFCTQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 630 KB
111 KB 586ms
586ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1041250621208861&correlator=3197610907376244&eid=31079469%2C31078015%2C31078978&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=31800665%2CSONORA.ID%2Cvignette&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C728x90%2C300x600%2C300x250%7C1x1%2C100x550%7C120x600%2C100x550%7C120x600%2C468x60%7C728x90%7C970x90%7C1100x50%2C1x1%2C1x1&ifi=1&didk=379788797~4168229433~1901532940~1688794122~3878886875~4005168010~3868395670~2719422346&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699289504668&lmt=1699289504&adxs=315%2C1020%2C1020%2C120%2C1360%2C250%2C0%2C-9&adys=282%2C589%2C1264%2C221%2C221%2C1200%2C5326%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0%7C0%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonora.id%2F&vis=1&psz=1070x252%7C300x620%7C300x330%7C120x-1%7C120x-1%7C0x-1%7C1600x1200%7C0x-1&msz=970x252%7C300x0%7C300x0%7C120x-1%7C120x-1%7C1100x-1%7C1600x0%7C0x-1&fws=4%2C4%2C4%2C516%2C516%2C516%2C4%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&ga_vid=1436982439.1699289503&ga_sid=1699289505&ga_hid=580494648&ga_fc=true&a3p=EhcKCnVpZGFwaS5jb20SABixrbCsujFIAA..&dlt=1699289502962&idt=251&prev_scp=pos%3DTop_1%26kg_pos%3DTop_1%7CPos%3DGiant%26kg_pos%3Dgiant%7CPos%3DMR3%26kg_pos%3Dright_1%7Cpos%3DSkin_Left%26kg_pos%3Dskin_left%7Cpos%3DSkin_Right%26kg_pos%3Dskin_right%7Cpos%3DHorizontal_Ad%26kg_pos%3Dhorizontal_ad%7CPos%3DPopup%26kg_pos%3DPopup%26prayer_time%3D%7CPos%3Dvignette%26kg_pos%3Dvignette&cust_params=contextual_targeting%3Dberita%2520terkini%252Cberita%2520lalulintas%252Cfengshui%2520harian%252Ctips%2520bisnis%252Cberita%2520shobiz%252Cberita%2520kesehatan%252Cmotivasi%252Cberita%2520otomotif%252Cinfo%2520terkini%26kg_inv_type%3Ddesktop%26kg_group_sites%3Dsonora_id&adks=1121086860%2C1747492629%2C2967274826%2C2420998165%2C2110841910%2C3072030347%2C2279436282%2C313383374&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a5317f17e27b81c83c6f70a67e2788aa2df9a96bd14d4a65e5504112b07a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113926
x-xss-protection: 0
google-lineitem-id: 6409879418,-1,-1,6409879418,6409879418,6409879418,5794287006,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138452902949,-1,-1,138452810919,138452811978,138452810949,138389323282,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonora.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 87ms
56ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b781bc4f98ff2cd86562500515f897bad3af128f289abaa6a7193c42cfc779f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12211
x-xss-protection: 0

GET
H2 200 container.html Show response
cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 026B 6 KB
3 KB 60ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:44 GMT
expires: Tue, 05 Nov 2024 16:51:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 39 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20291
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 11733316767131186006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 11:13:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:51:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1434 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 09:40:27 GMT
expires: Tue, 05 Nov 2024 09:40:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E24 829 B
1 KB 46ms
22ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46f5f582eca99c94cfc1547fb4a7be63a4d4f76aef7b7625df4e384ad7b8f259

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ljDLvyfsVjlM4x8W4ZPTqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ljDLvyfsVjlM4x8W4ZPTqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:44 GMT
expires: Mon, 06 Nov 2023 16:51:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1434 38 KB
15 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 14:58:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E24 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=1041250621208861&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1434 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OWX9jw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 newid Show response
traid.jixie.io/api/ 52 B
454 B 562ms
178ms XHR
application/json 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/api/newid?accountid=So95y1GEi

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

39603b3d2c66e35d1094d100e4135dd9d844c1047c46788a2ad6eab1f7c7fab3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
content-encoding: gzip
etag: c5000090-7cc4-11ee-943a-afa6fbf50559
vary: Origin, Accept-Encoding
x-frame-options: Deny
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
access-control-allow-credentials: false
x-xss-protection: 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBDD 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPBevGJuXMsF-03NuHE06HuQ_x_dxZT1yubniYQFVgS4b7Qc-aoVRYAsIwbt3Z-tT475tf2SU1F3zEAxmLqWY2_pkw0f_5c9kI-lz3T4HAt9L0GRhwqg8emDj93pe3u5dpRk6WWKI6XTGPmPhYpBlJA0CVuKyIXh_cv9rggMJe_F566zXbv6TkxV7l6bxeYbkbBpayN7xSyGoFWVNu6miMzho3_NdG131IZTmYq7zBoc4PFHX_F26AJb2cRXlGPzpLc_Ar4Wa_inZCcr17pfb30EJfGKcXBsb5G-bSB7Yx20lgyYZs6EMt1djafqhuatc&sai=AMfl-YQjDuBsItZT8n1kv0kXI3su291tKCj4cYUul7kwMtSr1aQ__lJq5f3iY-yehU8ob3OH9PfpMCFTBuRra4RN29yvkN8WsTAz8pUIVvJXJEmll-3sF8E8gwXRyTIQ-cJLjvz4BRBCRrGENrvbjws&sig=Cg0ArKJSzLLJheA3XFmAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame BBDD 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame BBDD 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBDD 189 KB
60 KB 124ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 5445760041972205718
tpc.googlesyndication.com/simgad/ Frame BBDD 125 KB
125 KB 11ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5445760041972205718

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a8c88207f9e61a4dcb960ea1e5139c581516d12fa52347230346f7a827727be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:42:53 GMT
x-content-type-options: nosniff
age: 205732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128326
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 06:44:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 07:42:53 GMT

GET
DATA 200
OK truncated
/ Frame BBDD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3e4d16498e0ca9ac66adab8d9042327d1e7de8a27a12ac419a9b55b31fd605e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACDA 6 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:44 GMT
expires: Tue, 05 Nov 2024 16:51:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022310201815000/ Frame B953 196 KB
56 KB 86ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022310201815000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3cd8fb4bf8737d083b573ad20b8330ec26b752a2f8958c727590c9cdd490609

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Nov 2023 00:13:15 GMT
age: 491910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56121
x-xss-protection: 0
server: sffe
etag: "a941105d61877df9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 31 Oct 2024 00:13:15 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022310201815000/v0/ Frame B953 15 KB
5 KB 131ms
99ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022310201815000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:28:41 GMT
age: 512584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "56e8153251b9d132"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:28:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022310201815000/v0/ Frame B953 95 KB
29 KB 125ms
93ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022310201815000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:16:30 GMT
age: 513315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29064
x-xss-protection: 0
server: sffe
etag: "2b86ba6a96452dbe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:16:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022310201815000/v0/ Frame B953 5 KB
2 KB 131ms
100ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022310201815000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:28:41 GMT
age: 512584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1923
x-xss-protection: 0
server: sffe
etag: "560b2476df5f84c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:28:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022310201815000/v0/ Frame B953 40 KB
13 KB 114ms
82ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022310201815000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 18:23:54 GMT
age: 512871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12957
x-xss-protection: 0
server: sffe
etag: "143af65c0fcbfced"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Oct 2024 18:23:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B953 6 KB
706 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA89 0
0 86ms
85ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss398_OXUMpttVMJ5j8sZv3LnBvKZ7ZlwBwBK42d6pdhdO0YObOtCRfTvfAwL-Fqwj270lTZM9e4SpDfutk-NMpuvqJRYXsGfQjkCE3OCtZy5kEPt3yg3w2eOHBAW8ZEGMJJ4J5CdrXog6hjV-W9QOVUbpBqT6BBQhx3ShslEYHanvd6WEC1InF3nA-XtVUNdfZOJ-ghfGuM7Oh37wHSnv6-j__Xzrg1N6iVgxG1eL0_WSa0ILF_Hiho0IQslWEYguEdAgxx3uY3hNDQxGEwiJdlo2kUEkIp5UJWcnWc46uc7O2gshDxaGcGSn89yCYfgs&sai=AMfl-YTozCjARGF4JhJ0o0-KYzSSlLAj8p1PHYKmKIORIRaluCKhC4uUJi2BlF5p-7n1_qjZppbpawtTIT6yl_JOYEKI9-SIolKIT8Bryan9bXdCPPGSaJDFqPmbINN5kmxDRICq6jQnCrZNVWvJI0Y&sig=Cg0ArKJSzGPK3gsd3sMZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame FA89 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FA89 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA89 189 KB
59 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 8547907299526169292
tpc.googlesyndication.com/simgad/ Frame FA89 57 KB
57 KB 9ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8547907299526169292

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765fa014efe6f05589a4e00d03786d79ddf81b034955d0f641db2ca760e036ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:13:26 GMT
x-content-type-options: nosniff
age: 189499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57976
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 06:45:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 12:13:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7788 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTnSaeWRK0i0xzWFcumR5BBwtPtMPrQ6Dgk8fmVSuTohEWw2wUJFdvXbphJfz_ahLA6m_LseEpXxQ2T2GLwliJf0B3mAxN8CqvljKAdQQmB5K8qIiuQj5RVecaVE_76suGGJjBTXf4vSD9Xe2S6u7oFHZGIC7y62vGXId9Se_5hBNcNofwfyQnZGwy964op_q4kol8uV-G7ufwS0z2_1yhARnkPFcQM-iBYct31S8hx81y5Uoj8Ut6N7DpsM_XMvUPGWHEg9kSu2_XR0nPAoAFPmKuDb1FJJMh3ne2lVQFmpuaG2JXwAuH-TdFEOk_WnU&sai=AMfl-YQsu45JI-Y3iypH1emzCKENvNrwGpoAycO1ImJdwoPGpWfg965V8WALAuHRezNUeWo2eEYNsatye5UREksZulCBNgK0-ZkfSSpfv-iNxsTPPImYfPMwtCOaXg0QHS9lwGKfgL9qJ55q39am73Q&sig=Cg0ArKJSzHLjgtMfnGtUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 7788 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7788 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7788 189 KB
59 KB 118ms
116ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 8852945341676449811
tpc.googlesyndication.com/simgad/ Frame 7788 57 KB
57 KB 11ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8852945341676449811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765fa014efe6f05589a4e00d03786d79ddf81b034955d0f641db2ca760e036ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:13:26 GMT
x-content-type-options: nosniff
age: 189499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57976
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 06:45:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 12:13:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17E4 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEgyGnCv_KWH5X5rVpqxyjj26_wFC8CkbE-IxGdHdcePd5dS7OVVSEk8MujzPG5QFBcT6Bu7JVnVhPcl6KoPSJxLW-UczErvttHLfKMvg2Hmfyigmc5siWDSdX-Cnd3tcFUA581PSshFDhLekR4x3msfT-dLVWfLx0VcoWt3ZoSurxSSFAVCGgQ3G4I0DrMg9B_GVRh1Dsfx0-bAj6k6kC7oic4GDs9X9gHpGgZVjBDq06knKxmEhtbrWeoLH4VbqiA9W71zXY49W6LCMMnOwzGfWdOFjuRGNuO-wF4W6PxlNW8X5p_h8XEr9lpDKIKi8&sai=AMfl-YThXH1x0bJPHdEjQD2-9UtjFujTCJibz7QRdi_nItbCycCD9D1mmfdC0-OCvqm9JVmjIMihXxLz3YAT2xYsc3xOKs-qppVzRPqWDui84s8EX0HM33jOLSkvaWps8Zhv8bNwH0Cr1D1IzF8LQp8&sig=Cg0ArKJSzFOleeAAR6YvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 17E4 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 17E4 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17E4 189 KB
59 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 5831256962456633388
tpc.googlesyndication.com/simgad/ Frame 17E4 78 KB
78 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5831256962456633388

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

097f267480fb95a0be7011ef2b26efbe2b2f662708a538c70becf772d182aaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:42:53 GMT
x-content-type-options: nosniff
age: 205732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79740
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 06:50:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 07:42:53 GMT

GET
H2 200 ptag.js Show response
tag.adbro.me/tags/ Frame 6B2E 33 KB
10 KB 144ms
28ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/tags/ptag.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df16953d31da536276eb6ee4d7fb9ce35adcc69d842b9afd2785894c2fe3f0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 24 Oct 2023 14:38:18 GMT
content-md5: rDaVaoflXjyapKcr2INkLA==
age: 1580
server: cloudflare
cf-polished: origSize=62699
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 821ed7d13cd13610-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 5tazq2wr.js Show response
tag.adbro.me/configs/ Frame 6B2E 2 KB
765 B 145ms
29ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/5tazq2wr.js
Requested by: Host: www.sonora.id
URL: https://www.sonora.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f3cae8985724c4c35cb78a0abc3a3311124f070600db1d361f31b590500a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Sep 2023 06:21:35 GMT
server: cloudflare
age: 820
cf-polished: origSize=2301
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 821ed7d13cd23610-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 6B2E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d80e7adb95690837115b2d0b847caa38ceb1a10f601488e45b017fe83820d97b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AA0 6 KB
3 KB 52ms
52ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:44 GMT
expires: Tue, 05 Nov 2024 16:51:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B953 3 KB
3 KB 56ms
55ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 04:10:57 GMT
x-content-type-options: nosniff
server: cafe
age: 45648
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 07 Nov 2023 04:10:57 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B953 344 B
368 B 55ms
55ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 14553
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 07 Nov 2023 12:49:12 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/4913915121489950940/ Frame B953 51 KB
51 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4913915121489950940/2076313506083323656

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caea879b73abf5b2888fbafac8f102f97756cffc7e6621abfcc3a778c005931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:40:05 GMT
x-content-type-options: nosniff
age: 526300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51957
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 10:32:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 14:40:05 GMT

GET
DATA 200
OK truncated
/ Frame B953 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4949d2eb60890735e529f72939bfc695f58b3de39221b52b9070f913b295b1a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B953 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ccd330707342cc86829da3c2294481d02d29bce7da9428bdbd4f77ffa9ddd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FA89 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949c58865846cf546ce4493e289ae759fda2f3adc140fe5d532b6ea4525aa2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7788 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f18878cfe58549585192ad6d4e796d1d1225755f4ec217dc2cd87ea9ec72b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 17E4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e20ea9043d89f8bc2899c0ae8ab78a439ae8d84998a152128d1e835c5a217d48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 94ms
12ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

b5e8e88324db27839e79e31bc89fb035b70222cd3cf141b8bdc8a5d36896f2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B953 15 KB
16 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 599582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 18:18:43 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B953 15 KB
15 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sonora.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 179622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 14:58:03 GMT

GET
H3 200 8a6c58a25e971cfbc194f00dd2aa8ad4.js Show response
www.gstatic.com/mysidia/ Frame ACDA 9 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 14:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 14:31:25 GMT

GET
H3 200 2aad32affd975f654520284c5f3371dc.js Show response
www.gstatic.com/mysidia/ Frame ACDA 41 KB
16 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2aad32affd975f654520284c5f3371dc.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7092331fc692253229091474d0c1b1d3549b0db4a624fa8a3e72135101701102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16371
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 19:42:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 09:25:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame ACDA 2 KB
825 B 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H3 200 436ceb4ab4043756559b2f6a211c1afd.js Show response
www.gstatic.com/mysidia/ Frame ACDA 23 KB
9 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/436ceb4ab4043756559b2f6a211c1afd.js?tag=exit_2019

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5a300e1bffda500ddb65f39dadae505b90cc72bda4e6ca088d686bbc18a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9691
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 19:42:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 23:16:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame ACDA 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame ACDA 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame ACDA 20 KB
8 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACDA 189 KB
59 KB 73ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame ACDA 36 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 0AA0 4 KB
671 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:57:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C11 7 KB
1 KB 28ms
26ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:47:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8C11 2 KB
825 B 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 8C11 23 KB
9 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 03:09:24 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4D8 143 B
383 B 47ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8C11 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 12:36:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8C11 20 KB
8 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:20:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C11 189 KB
59 KB 89ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 8C11 36 KB
15 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 06:26:06 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 0AA0 21 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 19:56:31 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AA0 205 B
229 B 24ms
19ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 92123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Nov 2024 15:16:22 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AA0 604 B
628 B 24ms
20ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 275598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBDD 0
0 63ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOhFLsq2OxCH38SxyiiNddK012N4xsG4-2tVqb-HRFYDDm6DRbFMcRfsyXOHauL4POxvev7S3iCZBwQSjh5gtvEtWFyO4RJV5hFRfK6PkYAQmP-zOmudY6qihhnWCLccLFbhEHBb2WkLFiKxmD5Vj9IAHAOonkYwN96iajmwjebPDTQnmBhNeWaRGsuLvy6qABlff6SkrZJjOnvu92CHVxg8Q-Ce68mBWYl8IkwXSrRbmPUW1sv_qW8yM3N-RmkYmF3jvOCAb4XDRHozj-tNo1osDjBg5Zg1iMGyANGIOkaTm1I8FnJusaBE7bWpH6WPFS9A&sai=AMfl-YSvTgscSdkd96gqF59c28vzev0CfobpGMUgpl_s7ZIKcCeaMaNwoOMr8DWy52ZoUBaSUuHV_l8beG8PRE-_JgQGm5SIPoj0fntxhBn-PMyW30v-tePtZfIBrFDloqcCF0Vba_9XGsK37gdGZnE&sig=Cg0ArKJSzPzO1OmUkbpwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA89 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVRaGANJsUUfPQ9tV2oQuNJjDw575OAKYoUvBi8vOZgxVlfl0dVG3Ivv1mYBx4dIY5s9UW32pexqpkZk3wP0gXltWHAHOMEMZJ1WwikuXfsHnZuCIWVHMYRFzpKkuPHwuZG6ZdeWgIBXOpU7h8SzLsWfzTaWqd-rlyn1Q_mxSgADAh3Q4P6pivcIE6Vr1ro8XWJYDybWzqxu30CYzzFZztLP-Oq7jTO7PuXhLz6Y2AjoUWAGGVvWHv2scX2q2Cdu4GUy2RLU778f55GfMYbosNnHoZ1QUHU0lyuC0XxkLV-v0IbFgjIMDxZL7oQUKURwWjvg&sai=AMfl-YQ_BlGMcBqSy_E288nm7iPUY71EqH4oUTM4By-jXMm1JDjv-ZR65YPliIyN_cgC2RRQdcrJKQiZcA9g03zJt5ZsnBimgdB3pTOmTalUw72YgOeJsx5v7lyXFj_jWro7bMThYyoqoACtTIGDkko&sig=Cg0ArKJSzMoHG95wuStWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/ Frame 6EC3 8 KB
3 KB 12ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2aad32affd975f654520284c5f3371dc.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64b2c3b7abee66c4ac1a8214db14125492989dfa09a90d785237f95d77001a63

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 471247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3205
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 05:57:38 GMT
expires: Thu, 31 Oct 2024 05:57:38 GMT
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7788 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjzz2d981NFbdZo_opLBxudCkxztpIlQkGtuqLAYKGreO-l-Sqfs9YNL3nPoacTb29RxQiSEfITvqYwSb46voG6aLh2u-SiralGuyn0dj3weEKebXohlQJwr3p_hIyQ5XILb8Y6wUg86j5cshnOEAunw0fA4I55fHtdHz0xirYSt-4TFKMxnFb7xHOVvGYhRvN0YILhpWkBWiI-zXH-xCwo9iwN1AmClk2D5YE2TJAnKqu49XoSynPgJSZfvnLEIuVUTW0hYkTJDt6ZChVCU9kRoeTt12RNmEMU3UYgbFmrMWPzJgslzQtxPuVt5Vb_s_7pg&sai=AMfl-YSnl1QbvSY8pRMVZ6GbIUGbzPYGXkoqKom66AWlFFdx7kl1pRuexvQZ8501UGsyPlz1Hg4m7S6JFtQ8XDa8j12iTZBWVV60BUHd5LVqqTqtnWy4kog854S--7zbHuDs8tGs87w5fhp2uh68wH0&sig=Cg0ArKJSzFjPkWBSctfaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17E4 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXJtrt35chfAhn-Q0ujNCJz6MTmEAye1hRaQasSN_TEphEFwQBs0Q4ROeVWbLYfZQL0ZdsYBV_qpcGOfIC7DNRi8Rr1aDSPioDMx-3BArky55QQgBxv2KeCw8kcgyadIlfbIbJXiIC6MU6p7iCSz4FnXXF0BdWpLWtf0Coe6dTFxdGe17jd1zzCni51geb6G6TraNSXDfXWNll0dqNu7MRIoZK2gE1SNRqUM4MN1xAi1LMfBJjCIL1GGYT0aYYzc8sNReVsNbQwuruVt3zH49YzuTqijV378v6Zt6Qw51CHYEoXB8TENZ6RGuFlSHZXBckWA&sai=AMfl-YQrUCmfzDVtRlDZ_HQuOJQz79MKvA9ENS_t_rbPjcl1K7FjFEnE5YLVy1wwgC5xPHPEqohQFWO2s-aPpOLEVECvgpR_Vdtzn9QgVQ4pbp9tAnc-Vs__5VQBQ-SslVuF10_7DdDHDLkP5N2L0cQ&sig=Cg0ArKJSzOY__htc99jtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
DATA 200
OK truncated
/ Frame ACDA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f265cada4106c5502f0ca98671a23690d87c37d7c08915cdb5db0a870625a55c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B953 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 04:10:57 GMT
x-content-type-options: nosniff
server: cafe
age: 45648
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Tue, 07 Nov 2023 04:10:57 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B953 344 B
368 B 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 14553
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 07 Nov 2023 12:49:12 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6EC3 6 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 08:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Nov 2023 08:19:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6EC3 34 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Nov 2023 13:31:21 GMT

GET
H3 200 key-x2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 89 KB
89 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/key-x2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2cfb2884940239d4ca4430eeaf685a24b944c955f9385aec8d88e9818966962

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90624
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 searchbar-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/searchbar-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b564389f3a3d3678dfa0feaaa909e0990e5620d13572e7432f301f8de6fc5b05

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2517
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 push-1-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 889 B
924 B 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/push-1-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd81a9bcc9f62309b2ebab5b61796e32c8b3520d9d623ff8ac2b48d0b14840

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 889
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 push-2-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 1 KB
1 KB 11ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/push-2-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33674b4b447e2ea19f0d70ad9392b9223432ad77460b09efa3e8423933d1c915

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 cta-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 5 KB
5 KB 13ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/cta-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6530a962e9f451d6da5745cc8fdd6e781d009c75a2e269ff6aec38c6a36ceb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4731
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 legal-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/legal-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1e386e924d2efc06becda04be0174ee75e5c215eba2215324b91830dc8c208

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2230
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H3 200 logo-x2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/ Frame 6EC3 1 KB
1 KB 11ms
11ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/images/logo-x2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db8ede7fb4cd3c74e710536e496fb72a02a2309c732374dc059669d2c2dce1e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Nov 2023 05:57:39 GMT
x-content-type-options: nosniff
age: 471246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:39 GMT

GET
H2 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6EC3 69 KB
27 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Nov 2023 16:51:45 GMT

GET
H3 200 creative-5.2.0.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/scripts/ Frame 6EC3 2 KB
1 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/scripts/creative-5.2.0.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc0a0136110c52f912bde802f18e2646b808b7b4ae53705dcf848a879245cc1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15891622881513008396/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 05:57:38 GMT
age: 471247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1220
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 15:22:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Oct 2024 05:57:38 GMT

OPTIONS
H2 200 rid
match.adsrvr.org/track/ Frame 0
0 106ms
33ms Preflight 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sonora.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin: https://www.sonora.id
content-length: 26
date: Mon, 06 Nov 2023 16:51:45 GMT
server: Kestrel
vary: Origin

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
421 B 100ms
35ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: ed2e8aa3a6b4844c94cdda60c704daeacf5649cf1ac0f43fd2520a12b09d6fff

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 06 Dec 2023 16:51:45 GMT

POST
H2 200 upkiejson Show response
accounts.tokopedia.com/ 127 B
2 KB 529ms
435ms XHR
application/json 23.50.131.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.tokopedia.com/upkiejson
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a94ec9812941289a8e9d6078fc64babf21d5f4b779d6f6a61a9946dbb87a73df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:46 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tkp-srv-id: accountsapp-10-41-73-210
x-tkpd-origin-match: origin-accounts.tokopedia.com
content-length: 127

POST
H2 200 v2 Show response
id5-sync.com/gm/ 251 B
530 B 38ms
10ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e4eef507aecaefef7657410df82e442ad2b28afcc84c9c132513fe5458dc3f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 / Show response
apis.adbro.me/api/v2/advertising/slot/cf7eb618-a740-4c35-b2fa-1b812c5a560d/advertisement/ Frame 6B2E 13 B
503 B 215ms
198ms XHR
application/json 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.adbro.me/api/v2/advertising/slot/cf7eb618-a740-4c35-b2fa-1b812c5a560d/advertisement/?pageUrl=https%3A%2F%2Fwww.sonora.id%2F&pageTitle=Profil%2C%20Biodata%2C%20dan%20Umur%20Pemain%20Drama%20China%20Romance%20on%20the%20Farm&imageUrl=https%3A%2F%2Fimgx.sonora.id%2Fcrop%2F0x0%3A0x0%2F395x274%2Fphoto%2F2023%2F11%2F04%2Fsinopsis-romance-on-the-farmjpg-20231104113837.jpg&imageSize=700x485&r=wqosn
Requested by: Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adbro-uid: 44c04dbc-b837-49de-9873-0445c2a08b44
date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model
server: cloudflare
x-adbro-page: 4473523074658921484
x-adbro-ip: KgEEoABaAAAAAAAAAAAAEA==
content-type: application/json
access-control-allow-origin: https://www.sonora.id
access-control-expose-headers: X-ADBRO-uid,X-ADBRO-ip,X-ADBRO-page,X-ADBRO-assessor,X-ADBRO-preview
access-control-allow-credentials: true
cf-ray: 821ed7d2ff4c3610-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sinopsis-romance-on-the-farmjpg-20231104113837.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/04/ 23 KB
24 KB 16ms
11ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/04/sinopsis-romance-on-the-farmjpg-20231104113837.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 80a3285b6007febe9b4427b610014ac8504cd0551f75afd28677f8f2abfd8518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:46:45 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 176700
etag: "6b2f55fa3650ab487b4388f4e85b945cd01a8481"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 23736
x-amz-cf-id: Ff1JfP4BbsQ_Hu_ND5NpcMPEDQZtpVIn8TbFlGOGexVMxqZL0Ew51w==
expires: Sun, 03 Nov 2024 15:46:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=1041250621208861&bg=!ycqlyoXNAAb4oU7C2KE7ADQBe5WfOKgYWqU-4ZdtsEXdIUeIdnrrZVg-g4to1BY4uCULqkhW45VmwoTfkXrcwdjaqTCFAgAAAE5SAAAACWgBB5kC3wr--TJBtbadmB66nfSWUJG-bXtkDyRus4HKwz-icGjftRg2WdiSqa-Ph6skkJlyZ33aTaTOg3hqIQF_vZGtVGHfd2LBqtT71uhtSMs9pAVbJHLtMBg-LMO9fMO5KuVI5kmRrxsfir-fjXnVYmYe32e9XnMsPu2f8Vf3968-3xVHoNob3PjmAQ8z4VOkw3mTh1R_IIc7peGwgHfU12xqFE8M0-_o_JtZddriLxOnvMJfQ8D5eg-3ZOFULzFBRyQOS-vYAUk0G-EgpF4AhKuZkgThq0SZl7ipXLp9AgRl1hayiF63VkGC3XIW7Tb2LZJyuYAn1cUvK2Pv3O2JE2Kac1JNHzrbV6k168cpcOwTYSx0IuW7go2m53nRNhlpsVJ6vXY7E0XPkbY8J7s5PXS65XWOF1xh_MpzPSl2mZ1AjHYZbzTSgR8xAKXOhJRB2SHwkf0VlOY8canv07h1y1msWajtiLwip3HlwIS7zWpYKzZYwGn6RG0C0IVrAel0M9Bl394K_9szZr_2E0ibzIBS0iLsNpf5XoPu4u1bc-V_0sHCq1LAMNZm2VBj0n8U61zeDSWOlgCpMg74EyM1U8XnP5hiMCzfCGNBeCb01celXZMwA_jaMSnipBXJQoFTw2GcfuqT80dGj-XIeA0G4uKno9o9iEtWYvv1Cn2eQbViL3S90vvHL8ivdbJQqAsD-WypINqruVYWRbsqZ9epo4Ti_v9kn3sQHYxuAkIR82at4dq-iBqo0Z5a9HOiG4p_54z7BRDZtgXhR_TmE-BDgvA5GhZR83OOG43fOzhjYiBpAe9eYGaMbMnNmMKlh5aKVyoeT6XnCGVMNdwjVE2j6jO5BTszJTdDC8IwGpNhtsKwX03ja1wNQ86aMUhqPUn3HoQquiT1-5thZf6-wQreYssGGd0nM_cOOoNK6X3VVyfKn5doWHHpNeXSPCXlvp66XQG6doEuxyrX1-bvTW-WCYVM-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

22ms
21ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:45 GMT
expires: Mon, 06 Nov 2023 16:51:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:51:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 event-tracker Show response
tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/ 922 B
1 KB 265ms
265ms Fetch
application/json 54.251.181.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/event-tracker

Requested by

Host: kgdata-cdn.s3.ap-southeast-1.amazonaws.com
URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/sonora/oval_web_analytics_latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.251.181.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

98b4a154fd03a725de31cfaa74c31f30ac91c8511e11f3d4eafdf19cc48e1083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 922
vary: Origin
content-type: application/json; charset=UTF-8

OPTIONS
H2 204 event-tracker
tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/ Frame 0
0 250ms
249ms Preflight 54.251.181.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/event-tracker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.251.181.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sonora.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.sonora.id
allow: OPTIONS, POST
date: Mon, 06 Nov 2023 16:51:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

B30016034.377544236;dc_pre=CJjJ-drqr4IDFXGW_QcdCccNeg;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame B953
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_pre=CJjJ-drqr4IDFXGW_QcdCccNeg;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rd...

42 B
246 B

32ms
30ms

Image
image/gif

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_pre=CJjJ-drqr4IDFXGW_QcdCccNeg;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Protocol

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30016034.377544236;dc_pre=CJjJ-drqr4IDFXGW_QcdCccNeg;dc_trk_aid=568683298;dc_trk_cid=193145451;ord=1178730345;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B953 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ8TXoBlJZbT0L5GSjuwPuN2K0AzmpZeqc5va7IX4EdnZHhABIMrW4x9glaqUgqAHoAHwxtW1KMgBCeACAKgDAcgDCqoEoQJP0JmPUYe9dlKMCsr388M1WnNn7ja8TzQHj2c7ln23t6ZtpquFmlo710cQ6HwGq29DdGZJ7fyn3_fGQwFRutcZczDirgCG4tZtK3GEhkeQyzU7EH9BwFcWRpxgf1Jtnp06MDJBeDG3VTvcytsW5cra0_y9StbPKL3OH169_Tl0-AovKsHA4V0GHEcp-TYkgQlB5qrf-74ELfcYi8V69UlazT0E5r4J7BHQUEL6LFzzK3yWNOrusZ-qziWUcVQRfIHltPEtrDLXPqQVwbaNwNcZ59rc84v9Mjw8Z37VUvwwL2jVx7QRCjxkHZD9TolHjbJNPhW0U2P60-v72ZaX35n_hKcUfSBuB_RZf88gMQrQfdlPd5t20T9Q1r5BkOBEaqEpwATd8_-aqATgBAGIBeGggK9LkgUECAQYAZIFBAgFGASgBi6AB_WdkbMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-KIP0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJrQJodHRwczovL3d3dy55b3V0dWJlLmNvbS9hdHRyaWJ1dGlvbl9saW5rP3V0bV9jYW1wYWlnbj0xNjAzNTkwJnl0X3Byb2R1Y3Q9eXRzJnl0X2dvYWw9YWNxJnV0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09aW1ncyZ1dG1fY29udGVudD1sdWN5bGFjaHQmeXRfY2FtcGFpZ25faWQ9b2N0b2JlcjIzZGVhMTgyNGRlc2t0b3AmYz0xNjAzNTkwLXl0cy1hY3EtcG0tZ2RuLWltZ3Mtb2N0b2JlcjIzZGUtbHVjeWxhY2h0LWExODI0LWRlc2t0b3AmdT1odHRwcyUzQSUyRiUyRnd3dy55b3V0dWJlLmNvbSUyRnNob3J0cyUyRldkSzRTR3Y3d2VjgAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCNz9strqr4IDFRGJgwcduK4CyrgT5APYEwqIFAHQFQGAFwGyFx4KHAgAEhRwdWItOTAxMjQ2ODQ2OTc3MTk3MxjRwxE&sigh=G33Yrgv9-hY&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNIsltXTg3iejyUe8QTXBi09k2JnD6TiGmXm_IUz0iBKzJT54KelcNxyS924nRXjEwIewunf-MdFDpFi4BOrzvjwEytB45bhgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame B77E 50 KB
19 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: www.sonora.id
URL: https://www.sonora.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 422575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:28:50 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 44ms
43ms Preflight
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkUmoBlJZbP0L5GSjuwPuN2K0AyEnsWGdNeso_OaEtnZHhABIMrW4x9glaqUgqAHoAGgz6S2AsgBCakCIqxay4EIsj7gAgCoAwHIA0iqBKUCT9DXawfVW2zoroVTj1u6TDFEvGiAIFmW_FMu4S_-_TUaa0BZOY4z48IE4Juj76yz_-i2_yjUWBPVSFRauKae7XQClYEmmTPwBtpY7M3wF0WDwH3QwaJOUAokqBVXEqmJ5KOG3Mul2bwAxmTq4IFtvqBXOyZINoYYQEAvsANOQVoYXqi1DSVPQTEmq9k71LxOSh3ljtxoepUUiLhi8gi8uZxGEPrYYwk19hnzdZcJHKxGXHsLapEc02f3CV5zij2Y5Xgq2IF9BDwwQ0buAi_Kji9LpeJZpE2GD4DD8_OtIWQj-gEn_YN-J8V4h4T7fzhjND0fbJf_0nQjGmat6XoJ6FSRfcqzdrQbOFv9VozTZsqrFuZLRPz519gdQ85pE5QjEO06vCvABPuRrb7WBOAEAYgFxKe-j02SBQQIBBgBkgUECAUYBKAGLoAHyLDbyQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCtjwrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgnhAmh0dHBzOi8vd3d3LmJhaG4uZGUvYW5nZWJvdC9zcGFycHJlaXMtZmxleHByZWlzL3N1cGVyLXNwYXJwcmVpcz9kYmthbmFsXzAwMT1MMDFfUzAxX0QwMDFfS1NFMDAwMV9HMTYwNTdfMTEyM19GVl9TQUxFX1NQQVJfU3VwZXJTcGFycHJlaXMtSGVyYnN0LTIwMjNfR0ROMV9TU1AtUTQtMjAyMy0wMS0xMS0wOC0xMS0yMDIzLUhUTUw1LUJhbm5lci1MZWJlbnNlcmVpZ25pc3NlLTMwMC02MDBfTFowMSZleHRQcm92SWQ9NSZleHRQdT0xNDA1OC1nYXcmZXh0TGk9MjA3MDIwMDgyNjAmZXh0Q3I9MTYwNjU1MTY1NjkxLTY3OTIwNTA5MzQ3MyZleHRTaT13d3cuc29ub3JhLmlkJmV4dFRnPSZrZXl3b3JkPSZleHRBUD0mZXh0TVQ9gAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCNv9strqr4IDFRGJgwcduK4CytgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDEyNDY4NDY5NzcxOTczGNHDEQ&sigh=iUEGySvID2M&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNIsltXTg3iejyUe8QTXBi09k2JnD6TiGmXm_IUz0iBKzJT54KelcNxyS924nRXjEwIewunf-MdFDpFi4BOrzvjwEytB45bhgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:51:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ACDA
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkUmoBlJZbP0L5GSjuwPuN2K0AyEnsWGdNeso_OaEtnZHhABIMrW4x9glaqUgqAHoAGgz6S2AsgBCakCIqxay4EIsj7gAgCoAwHIA0iqBKUCT9DXawfVW2zoroVTj1u6TDFEvGiAIFmW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217063866942253465403%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%2225...

0
0

64ms
45ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217063866942253465403%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650717088%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227215626956523757649%22}&andc=true

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17063866942253465403","debug_reporting":true,"destination":"https://bahn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650717088"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"7215626956523757649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Nov 2023 16:51:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 16:51:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17063866942253465403","debug_reporting":true,"destination":"https://bahn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650717088"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"7215626956523757649"}&andc=true
access-control-allow-origin: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
at.bahn.de/ Frame ACDA 43 B
1 KB 90ms
21ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=20702008260&cb=1846762611&cbvp=2

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 06 Nov 2023 16:51:45 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 06 Nov 2023 04:51:45 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EC3 50 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 422575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6B2E 211 KB
76 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH

Requested by

Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9b13fa21a1419e6c3b7cb99e74cab04e14213f44a02297f3f5745f68eca9bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 16:51:45 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 81ms
44ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:51:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response
pagead2.googlesyndication.com/bg/ Frame 47B0 50 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js

Requested by

Host: cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
URL: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 422576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19628
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:28:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 6B2E 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J8TZJ65FPH&gtm=45je3b11v9101663957&_p=1699289505954&_gaz=1&gcd=11l1l1l1l1&cid=1436982439.1699289503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2F4473523074658921484&sid=1699289506&sct=1&seg=0&dr=https%3A%2F%2Fwww.sonora.id%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1&ep.ip=KgEEoABaAAAAAAAAAAAAEA%3D%3D&tfd=677
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ Frame 6B2E 0
17 B 24ms
23ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8TZJ65FPH&cid=1436982439.1699289503&gtm=45je3b11v9101663957&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 6B2E 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8TZJ65FPH&cid=1436982439.1699289503&gtm=45je3b11v9101663957&aip=1&z=1804736384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync Show response
traid.jixie.io/api/ 52 B
562 B 315ms
315ms XHR
application/json 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/api/usersync?info=interests-short,intends-short,cohort,encio&idlist=c5000090-7cc4-11ee-943a-afa6fbf50559:jx&sid=1699289000-c5000090-7cc4-11ee-943a-afa6fbf50559~1699289505&accountid=So95y1GEi

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

a722f805651528878bc9431a6940cf5c80ee23b433f28d39026222d55172b5b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:46 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
content-encoding: gzip
etag: W/"34-Y86mwDm45w1srCb4EyNrvDrYWRo"
vary: Origin, Accept-Encoding
x-frame-options: Deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
access-control-allow-credentials: true
x-xss-protection: 1

GET
H2 404 2498af26-5262-4b6a-a9d2-694dd833f310 Show response
tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/user-segments/ 122 B
328 B 254ms
254ms Fetch
application/json 54.251.181.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/user-segments/2498af26-5262-4b6a-a9d2-694dd833f310

Requested by

Host: kgdata-cdn.s3.ap-southeast-1.amazonaws.com
URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/sonora/oval_web_analytics_latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.251.181.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-181-187.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

8031d6b7eba9c47ac1879c70c09f5f6cb5886016b29dac3460aa8fa8621db810

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 122
vary: Origin
content-type: application/json; charset=UTF-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBDD 42 B
174 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiblqXXitcsR8KAUeZ69TlYptDxIDIccSr45chRtGRlDvM-XPWyJniS-xZw-R6hOSJNVnieO7EHkDQZy9kqmHD7bgTfJtQBVaLanMBl28p0j-IxKgOkgQRU6IUFfRPSC4d5TOIM7pSWA&sig=Cg0ArKJSzKEopFb8IIszEAE&id=lidar2&mcvt=1002&p=282,315,532,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1121086860&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699289505282&rpt=215&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 prod
traid.jixie.io/sync/ Frame 0
0 174ms
174ms Preflight 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://traid.jixie.io/sync/prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sonora.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.sonora.id
date: Mon, 06 Nov 2023 16:51:46 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 prod Show response
traid.jixie.io/sync/ 155 B
516 B 258ms
258ms XHR
application/json 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/sync/prod

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

3a4a237a8fb6635d83e7d406d69e4f100f222ae8c2c0b74f679139e6499c56be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

Referer: https://www.sonora.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Nov 2023 16:51:46 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
content-encoding: gzip
etag: c437ce90-7cc4-11ee-9234-779462dd5bf1
vary: Origin, Accept-Encoding
x-frame-options: Deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonora.id
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FA89 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-PfGo2vgkHYH5EdOx-aVswqBFJYqp-w3BzAJQqzx5oGZtgRxt0rZ0pLNgvDC3Me3qCct4Zi_QgiksOvFz903mC4xX0MfP5WOIy9y6Mc0nk9417mf-q05EnxCboMWFC8nDEGMfxrDTdg&sig=Cg0ArKJSzLgDoSLRUpoSEAE&id=lidar2&mcvt=1004&p=221,120,821,240&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2420998165&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699289505329&rpt=222&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACDA 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8ANtXFH4Dr847VEgy7Q_y67ZZwkiPvexhnZ2TVKxYju30-maq56fWXDZW2oXKtgWvNtJr8HQ29MWFBK_usHoSl3yJ1vZmb-RO3kjVk6ylGMcVmtoKw40btt2YzoxuXTanLFnPjNzJsjeC&sai=AMfl-YR1bzpRgY-SlLgUijZD1xZ9k_oPXDq-pZy2MNvRX8OwrYkrQ0Q5jw42YeHxjZKGBVE6xU-YjftoKKFX-Dz2_3soaeDJbyUm-k37WxAzGP7tGo6iOffIkoTPcSjv-8Grlw0el_CnddSKMvKg&sig=Cg0ArKJSzE7oyw2B_l_PEAE&cid=CAQSSwDICaaNIsltXTg3iejyUe8QTXBi09k2JnD6TiGmXm_IUz0iBKzJT54KelcNxyS924nRXjEwIewunf-MdFDpFi4BOrzvjwEytB45bhgB&id=lidar2&mcvt=1004&p=589,1020,1189,1320&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1747492629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699289505314&rpt=387&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17E4 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMGUiOaUrGr9MrTS7urQMZMU__k9pfrjB4ZpIBODo-IwoxUvEARIt8F2geaRt9JjKnjiCkOL3cpq2x-o2nu4gAd9s3OPIQkSxPsO_7-Gkn1N7QOdSzoz1h0uJ0-j8KyIpk0hO0bQdPMw&sig=Cg0ArKJSzMTkdZzyOkSFEAE&id=lidar2&mcvt=1006&p=1110,315,1200,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3072030347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699289505342&rpt=331&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7788 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB0jmmcuykjiXXJ7L4vGdKp-hFpnPTWZSjxNFhFAx0r7V1MCKr_nlixSaAHuT5DBttudOm9Dj33pnDNjZBV0Q6pUkHT10Y1vq0yPAhOiwloEwtD3WI-qy6by_ErrR85salr4X589s4-w&sig=Cg0ArKJSzN717Q4GyEfWEAE&id=lidar2&mcvt=1008&p=221,1360,821,1480&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2110841910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699289505335&rpt=322&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/ 16 KB
17 KB 12ms
11ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/befunky_2023-10-1_11-47-39jpg-20231106114748.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 41d8bc23562f3cda043d894bb5c043bd50290a2e4f53f87c0b9e4e858aa24cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:59 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37368
etag: "b9f71c1cdf117f62f8368338a4ffb8a2902b65d9"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 16848
x-amz-cf-id: tqsJHFrCfBwho2HuUG-_PrUXxEB99pTgxkqmuhP7B5I6K8-OEB_Ayg==
expires: Tue, 05 Nov 2024 06:28:59 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame B1D0 37 B
140 B 51ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 06 Nov 2023 16:51:47 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9AAF 3 KB
2 KB 51ms
19ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 821ed7df19d0bbd1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:51:47 GMT
expires: Mon, 06 Nov 2023 20:51:47 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
kompascybermedia-d.openx.net/w/1.0/ Frame FF6A 0
176 B 74ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://kompascybermedia-d.openx.net/w/1.0/pd
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 06 Nov 2023 16:51:47 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame EFE8 281 B
555 B 45ms
9ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adsimg.kompas.com
URL: https://adsimg.kompas.com/html5/prebid/sonora/prebid8.18.0-121023.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.sonora.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Nov 2023 16:51:47 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 9.gif
id5-sync.com/s/441/ 43 B
920 B 9ms
8ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 06 Nov 2023 16:51:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EFE8 46 KB
13 KB 13ms
10ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 16:51:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Nov 2023 13:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75820
Connection: keep-alive
Content-Length: 13280
Expires: Tue, 07 Nov 2023 13:55:27 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 88C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
839 B

34ms
33ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff245e79b2ad34f78d82398ba24e0119d26371ebc7cd2f9b19d7339b2880519

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 821ed7df89211e52-FRA
content-encoding: br
content-type: text/html
date: Mon, 06 Nov 2023 16:51:47 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9Fu2DPijQxJ%2BDpxQ2TrFDHpRLcxhVxs2aPRPt0%2FdzV8QkfI4WtYVoaNYDaeAt6fxsYUuHzfgWomXG9nHfqhm4XOJ9Djyra0l9wirIv9c1Gyz7vqsvW9RqWWwRjv2D0NbXu08s0m%2Bq%2Fbcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 821ed7df58e91e52-FRA
content-length: 0
date: Mon, 06 Nov 2023 16:51:47 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kxx426VciKFJmg4kouGZlQNoQXSxjJ6gp68a9xj1ZWce8aAhuLZC0Jt83WW14YRTpJzfPbcKbviBCf%2B%2BQ1h7YbJp1fzXw8l8BJEOS8UrWoAS9tUgroF8xKs2HeFbuEVSl2ioc%2FIZg0NK3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame EFE8 7 B
380 B 50ms
11ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 88C1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUkZo43l0MZSY1J-CPGZRgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHr9RkDXY48WSPATxfMR7Y0&google_cver=1

43 B
732 B

32ms
32ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHr9RkDXY48WSPATxfMR7Y0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p7XHtlGXQczbhn9MQ%2BZvgURiHAB8UCVmz0CiSwN0U6adCM9wLgd3Csvx%2Bn8WtJzadNkiGj63egBBkDA7U9HSVDrjFgiOI7yHIw8WdHhi7Hft5TsNK9AxjasZgCh5d1h6KpOcDNUynXVBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821ed7e02a1b1d94-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHr9RkDXY48WSPATxfMR7Y0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 88C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsfgQbsxbH7tfOf1TrhbY0&google_cver=1

43 B
768 B

36ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsfgQbsxbH7tfOf1TrhbY0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eimN8W75yUPgsJtGw4pGava2LHNd9EODkk0xXxM5HUxYbTnQwfoh4fkJyj1Ar2LMdQChdq%2B5y282HB7FawBmx7npAdRbaHMS8IETF%2F89OB4Giz9ni38AS51EPZ1%2FQRoE9o61lkS3kywpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821ed7e01a0a1d94-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsfgQbsxbH7tfOf1TrhbY0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 88C1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

130ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 16:51:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6NDRC4V77BE7ZMZY96NQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 16:51:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GV53Y5G17B5ENSA0T578
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 88C1 70 B
148 B 37ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 88C1 43 B
655 B 90ms
16ms Image
image/gif 2607:ae80:4::25
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 16:51:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1699289507841047-584

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 88C1 0
0 50ms
23ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2

200

crum
dsum.casalemedia.com/ Frame 88C1
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4810447182658392797

43 B
333 B

44ms
33ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4810447182658392797
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cyUd3IlQp5gyJmrCbDC4gC5Y9Zam7FgAQ342S0OaNOyo%2FGWmGXJRqcWIH%2FC%2FhIv8PJWmxpTHFqK9or69HSxynFVr6hVc0D%2FA7pmTgVIz0x801aH%2FTODw4Z6j%2BZyMwJCF4UGLtON"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821ed7e05a531e52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
an-x-request-uuid: 769d102f-8361-4436-b6ae-e5a995ff8b17
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4810447182658392797
x-proxy-origin: 80.255.10.196; 80.255.10.196; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 88C1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4227092469573558393&expiration=1700499107

43 B
740 B

30ms
30ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4227092469573558393&expiration=1700499107
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCGcqLETEMjlIXbXeEXRWfih6z5uqwoA%2BgxY84a3h%2BOg4EE8w8HNcQAk3wACs7vnUU%2F0kzEWjni3svFsRUnsv%2F8OAve%2BSc%2BpcSJeEIw9RMzvx6ThGo2hcTBMwGDtNTU%2FjES6ZJny885uKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 821ed7e07a9b1d94-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4227092469573558393&expiration=1700499107
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 88C1 43 B
229 B 20ms
15ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZUkZo43l0MZSY1J-CPGZRgAA%265143
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonora.id%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:51:47 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 50238
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821ed7dfdac1bbd1-FRA
content-length: 43
expires: Tue, 07 Nov 2023 16:51:47 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FD3BG3FW9T&gtm=45je3b11v874954070z8812598146&_p=1699289502983&gcd=11l1l1l1l1&cid=1436982439.1699289503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699289503&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonora.id%2F&dt=Sonora.id&en=pageview&_et=3&tfd=5631
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FD3BG3FW9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:51:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sonora.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/ 23 KB
23 KB 13ms
13ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/11/06/tumblr_1460a5f7b142e4e06dbf8e7bf-20231106103638.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7238af0cd91f8d8a4bb3a152085a575d1823e71b7c7bd9eac22bfff0a9141349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:56 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37375
etag: "cbb1be587a87833384f79a929aea741b11a1d3dd"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 23565
x-amz-cf-id: 6pbVvAAQlsh_9mGogHFB2GykyVVnaz6yBxGJsHVtwL2vNMJnOLYaTQ==
expires: Tue, 05 Nov 2024 06:28:56 GMT

GET
H2 200 21560073_6479339jpg-20230621043918.jpg
imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/06/21/ 21 KB
21 KB 12ms
11ms Image
image/jpeg 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgx.sonora.id/crop/0x0:0x0/395x274/photo/2023/06/21/21560073_6479339jpg-20230621043918.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6b279888887a96cb76553ae053cf82e65f74ce91ea29e15d14cd6b9fb159aacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sonora.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:28:59 GMT
via: 1.1 d390587b2b73705e1ef5dfc214323e28.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P3
age: 37376
etag: "3e44cffdd8fa2bc07b5a9a286f47ea39a0753f85"
x-cache-status: MISS
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 21530
x-amz-cf-id: RIuUbVIQmZoEq0VHWYGelbjSoLA0rJsqkPgWCgwxQdUsQD4DHhM5-Q==
expires: Tue, 05 Nov 2024 06:28:59 GMT

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sonora.id/	1970-01-20 20:20:41	Name: g_state Value: {}
.mgid.com/	1970-01-20 16:01:31	Name: __cf_bm Value: 3R3IziHLbRwku8r53Oe3Ky83d3Vhj9FK7VG5OWW_FW4-1699289503-0-AcJ6RcnONPA+cqkvAZFP9YNN4p/PgvTgxgyLU2UfDtmcAE8vWnHtqtmntYIjLbu86ffvvJLRlBF4bq2wFLtGpaw=
.sonora.id/	1970-01-21 01:37:29	Name: _ga_XH5C7P2HT9 Value: GS1.1.1699289503.1.0.1699289503.60.0.0
.sonora.id/	1970-01-21 01:37:29	Name: _ga_FD3BG3FW9T Value: GS1.1.1699289503.1.0.1699289503.60.0.0
.sonora.id/	1970-01-20 16:02:55	Name: _gid Value: GA1.2.1305184677.1699289504
.sonora.id/	1970-01-20 16:01:29	Name: _dc_gtm_UA-93462315-13 Value: 1
.sonora.id/	1970-01-20 16:01:33	Name: AMP_TOKEN Value: %24NOT_FOUND
.gumgum.com/	1970-01-21 00:47:05	Name: cs Value: true
.rubiconproject.com/	1970-01-21 00:47:05	Name: khaos Value: LON53GRG-N-1WWT
.rubiconproject.com/	1970-01-21 00:47:05	Name: audit Value: 1\|naVuGyos1qpMAXul6+bU+OQFbWGgM44fR/rFJVNr6iK0qxpngu+zMg+yhA/RAFhZaRkj/aC8Kje/2+p/nwtidIAXuoDlYL8AS9PEb3oBhncijy0RC4Zd8RuybVyVU0yt
.yandex.ru/	1970-01-21 01:37:29	Name: yandexuid Value: 2080023421699289503
www.sonora.id/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C990698%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221699289504194%22%7D%7D
www.sonora.id/	1970-01-20 16:44:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.jixie.io/	1970-01-21 00:47:05	Name: jxuuid Value: c437ce90-7cc4-11ee-9234-779462dd5bf1
.jixie.io/	1970-01-20 16:01:31	Name: jxuuids Value: 1699289000-c437ce90-7cc4-11ee-9234-779462dd5bf1~1699289504
.sonora.id/	1970-01-21 01:23:05	Name: __gads Value: ID=688a35ec959d2add:T=1699289504:RT=1699289504:S=ALNI_MbmxKxeyp9fuh2W712cNoUYPra4PQ
.sonora.id/	1970-01-21 01:23:05	Name: __gpi Value: UID=00000cb71ea586b3:T=1699289504:RT=1699289504:S=ALNI_MbAozGVEnrlRmYB9CstOT44M23WiA
.doubleclick.net/	1970-01-21 01:23:05	Name: IDE Value: AHWqTUm_JzXCLjFdYj_3a3IkKV4w9yS29f_dp7O9jX7kuT3DE3TmXDhAHZNJ71dz0hU
.tracker.oval.id/	1970-01-21 00:48:31	Name: ovaluuid Value: 2498af26-5262-4b6a-a9d2-694dd833f310
.tracker.oval.id/	1970-01-20 16:01:31	Name: ovaluuids Value: 1699289505-2498af26-5262-4b6a-a9d2-694dd833f310
www.sonora.id/	1970-01-20 16:01:30	Name: _jxxs Value: 1699289000-c5000090-7cc4-11ee-943a-afa6fbf50559~1699289505
.sonora.id/	1970-01-20 16:01:30	Name: _jxxs Value: 1699289000-c5000090-7cc4-11ee-943a-afa6fbf50559~1699289505
www.sonora.id/	1970-01-20 16:01:30	Name: _jxs Value: 1699289000-c5000090-7cc4-11ee-943a-afa6fbf50559~1699289505
.sonora.id/	1970-01-20 16:01:30	Name: _jxs Value: 1699289000-c5000090-7cc4-11ee-943a-afa6fbf50559~1699289505
.www.sonora.id/	1970-01-21 00:47:05	Name: _oval Value: 2498af26-5262-4b6a-a9d2-694dd833f310
.www.sonora.id/	1970-01-20 16:01:31	Name: _ovals Value: 1699289505-2498af26-5262-4b6a-a9d2-694dd833f310
.doubleclick.net/	1970-01-20 16:01:33	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:20:41	Name: APC Value: AfxxVi5afI6QUJIPsZxe7LrEsb98DJhuXrF2CkSt23dLTScWUIEcnA
.adbro.me/	1970-01-21 00:48:31	Name: uid Value: 44c04dbc-b837-49de-9873-0445c2a08b44
at.bahn.de/	1970-01-20 18:11:05	Name: exactag_new_gk Value: 7042517f69674d53b8ea28fa9ebbd56a%7C05.01.2024%2016%3A51%3A45
at.bahn.de/	1970-01-20 20:20:41	Name: exactag_new_uk Value: d3af2369beb945988d96bb2c76b61f31%7c
at.bahn.de/	1969-12-31 23:59:59	Name: session_session Value: f400ea5ea87641babe7d006c
.sonora.id/	1970-01-21 01:37:29	Name: _ga_J8TZJ65FPH Value: GS1.1.1699289506.1.0.1699289506.60.0.0
.sonora.id/	1970-01-21 01:37:29	Name: _ga Value: GA1.1.1436982439.1699289503
.googleadservices.com/	1970-01-20 18:11:05	Name: ar_debug Value: 1
.tokopedia.com/	1970-01-21 01:37:29	Name: DID_JS Value: lPhta8teiZMTrHd0I2/QzUqNvgDEox+YXxCqxyzk4OI=
www.sonora.id/	1970-01-20 16:02:55	Name: _jxtoko Value: eyJESURfSlMiOiJsUGh0YTh0ZWlaTVRySGQwSTIvUXpVcU52Z0RFb3grWVh4Q3F4eXprNE9JPSJ9
.sonora.id/	1970-01-20 16:02:55	Name: _jxtoko Value: eyJESURfSlMiOiJsUGh0YTh0ZWlaTVRySGQwSTIvUXpVcU52Z0RFb3grWVh4Q3F4eXprNE9JPSJ9
www.sonora.id/	1970-01-21 00:48:31	Name: _jxx Value: c437ce90-7cc4-11ee-9234-779462dd5bf1
.sonora.id/	1970-01-21 00:48:31	Name: _jxx Value: c437ce90-7cc4-11ee-9234-779462dd5bf1
www.sonora.id/	1970-01-21 00:48:31	Name: _jx Value: c437ce90-7cc4-11ee-9234-779462dd5bf1
.sonora.id/	1970-01-21 00:48:31	Name: _jx Value: c437ce90-7cc4-11ee-9234-779462dd5bf1
.casalemedia.com/	1970-01-21 00:47:05	Name: CMID Value: ZUkZo43l0MZSY1J-CPGZRgAA
.casalemedia.com/	1970-01-20 18:11:05	Name: CMPS Value: 5143
.casalemedia.com/	1970-01-20 18:11:05	Name: CMPRO Value: 5143
.adnxs.com/	1970-01-20 18:11:05	Name: uuid2 Value: 4810447182658392797
.ads.stickyadstv.com/	1970-01-20 16:44:41	Name: UID Value: 3cc14c6b366cd8a8f270bfe9f1d1e080
.ads.stickyadstv.com/	1970-01-20 16:44:41	Name: uid-bp-34673 Value: ZUkZo43l0MZSY1J_CPGZRgAAFBcAAAIB
.adform.net/	1970-01-20 16:44:41	Name: C Value: 1
.adform.net/	1970-01-20 17:27:53	Name: uid Value: 4227092469573558393
.amazon-adsystem.com/	1970-01-20 21:44:12	Name: ad-id Value: A-sSAYFDJEPBipVnTM6bGQg
.amazon-adsystem.com/	1970-01-21 01:37:29	Name: ad-privacy Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tracker.oval.id/55b3b831-5a28-4210-aebc-87a01b10cd33/v1/user-segments/2498af26-5262-4b6a-a9d2-694dd833f310 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.sonora.id/ Message: The resource https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.sonora.id/ Message: The resource https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=TltN7Jur was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.sonora.id/ Message: The resource https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.sonora.id/ Message: The resource https://imgx.sonora.id/file/sonora/desktop-new/css/style-sonora-v21.min.css?v=TltN7Jur was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
accounts.google.com
accounts.tokopedia.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
adsimg.kompas.com
ampcid.google.com
ampcid.google.de
apis.adbro.me
asset-a.grid.id
at.bahn.de
bs.yandex.ru
c.mgid.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cf0f20df75d5c21aa8da182d2bb9c2a0.safeframe.googlesyndication.com
cm.g.doubleclick.net
cm.mgid.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.jixie.io
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
imgx.sonora.id
js-sec.indexww.com
jsc.mgid.com
kgdata-cdn.s3.ap-southeast-1.amazonaws.com
kompascybermedia-d.openx.net
lb.eu-1-id5-sync.com
match.adsrvr.org
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prg8.smartadserver.com
region1.analytics.google.com
rtb.openx.net
s-img.mgid.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.jixie.media
securepubads.g.doubleclick.net
servicer.mgid.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tag.adbro.me
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.oval.id
traid.jixie.io
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sonora.id
103.132.192.30
104.18.36.155
138.113.147.185
142.250.184.198
142.250.185.162
142.250.185.226
162.19.138.119
162.19.138.82
172.64.149.180
18.173.233.103
18.173.233.14
18.239.83.58
185.89.210.46
199.91.74.174
2001:4860:4802:32::36
213.202.235.8
23.213.164.238
23.50.131.90
2600:9000:243d:2a00:0:ddab:1ac0:93a1
2600:9000:243d:b400:a:e047:753:a221
2600:9000:243d:fa00:0:ddab:1ac0:93a1
2602:803:c003:200::41
2606:4700:10::6816:31fd
2606:4700:10::ac43:266a
2606:4700:1::6813:814c
2606:4700:1::6813:854c
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6810:7aaf
2607:ae80:4::25
2a00:1450:4001:800::2001
2a00:1450:4001:801::2006
2a00:1450:4001:802::2004
2a00:1450:4001:806::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200d
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2016
2a00:1450:400c:c07::9b
2a02:6b8::90
3.74.50.207
34.98.64.218
35.227.252.103
35.71.131.137
37.157.4.28
43.129.34.148
43.129.34.52
52.219.128.103
52.46.143.56
54.220.165.75
54.251.181.187
69.173.144.139
76.223.111.18
81.17.55.161
95.101.149.233
95.101.149.35
00a52ba0d9868948662985582c602d2f073e828eee085f5468cddc01d57ee13c
048d5a2c34971b0f23f97baa722c619921759ac5e863412690415443be417caa
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05f34410de3687656a9cf57d1d7684352a82f75c80fde8cc029212ca46f0b12d
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
079631c1fe46563971edbb7b9955f112b5f9a699f0131fb9ca37a5201b44dee6
097f267480fb95a0be7011ef2b26efbe2b2f662708a538c70becf772d182aaf8
09d9b0c13acc1cf20eeb6642a9ac8b8cbe03ec8c4d23d7853b547c0fa86dbd8a
0a0b264f3418447b6ef841802e55b6d73e0a5b42661c15171e34638f4afe94a6
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0f251a4aad9a47baf0f3165cc8e27bfc26d95636379e8954acda6110de749825
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
135394fa3014749dd6b74997d90d13a4568d5bb2d7c9ed2fa474877ad5100427
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195b12f94e931d8e6977627aa603b05ff03092c2363ad65280ef1f4b7ac3944c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cc0e34615383b19056fa913f0304d4eb070ee353c9b339dd74dce520e064452
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db2eb6ac6841752e89645086fd001d4321f9b6cd1f5eb0d10504ed47a1726cb
1e955cd5d289a0aef6e4c9b76cc3584a992f77e4ced9bd971f269b7c70f7f435
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
20271545b2cc5ae84e71b290a18330b8d362d8e6b6f033f7f3e7eafa406c6fd6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e9d637c709a0a48b71bc167bc4fa4600465dd40a94053d2f30598c7228eaa2e
2f0ff421483b77fecc74c406b4587fa3c2f2a28319b6362f6bb003e69454f48a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f
33674b4b447e2ea19f0d70ad9392b9223432ad77460b09efa3e8423933d1c915
3456dc81c0129f9b4ebe8a04667110992cbb1c8c1ff6784723528f64b20fa82a
358bb78e64619300ba8a0ca53c52a1eb1a2aecaff233cfde516b3d6c38ea54c5
3856f4fe3c2840b0da44e57794aff5ba9e27b5fd326b1119c89895ea231a9005
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
39603b3d2c66e35d1094d100e4135dd9d844c1047c46788a2ad6eab1f7c7fab3
39ccd330707342cc86829da3c2294481d02d29bce7da9428bdbd4f77ffa9ddd6
3a4a237a8fb6635d83e7d406d69e4f100f222ae8c2c0b74f679139e6499c56be
3b6530a962e9f451d6da5745cc8fdd6e781d009c75a2e269ff6aec38c6a36ceb
3b8fc662fa369381bbe77ad9243fb62acd7ecdd264aad68c41c3127a0da3e1e8
3db8ede7fb4cd3c74e710536e496fb72a02a2309c732374dc059669d2c2dce1e
3e2ca4bd374b9f895fb78ed0e11e8fca839a286756d18fbf2de61662b93886c1
3eae8f99463e611b647441acd9f108472446ef9d3001a75d8465cb246df73509
3eba09e329ebb1660f12f462ea9447fd160d440bf840fe943f1e6898edb74c0a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d8bc23562f3cda043d894bb5c043bd50290a2e4f53f87c0b9e4e858aa24cdb
42bd81a9bcc9f62309b2ebab5b61796e32c8b3520d9d623ff8ac2b48d0b14840
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456f42f314fd5aca099ff5a538a6a42a50abb6393cd628532019b857007d4d25
460d1dbc3206f0423c8555c22893a2d6e6fe6321a59dac3e3fba9f6a22f5751c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f5f582eca99c94cfc1547fb4a7be63a4d4f76aef7b7625df4e384ad7b8f259
48f09d6e66321503e98a491c2d2e6cf2e052fe903b37c6ce66c1f92c3c6cca97
4949d2eb60890735e529f72939bfc695f58b3de39221b52b9070f913b295b1a1
4caea879b73abf5b2888fbafac8f102f97756cffc7e6621abfcc3a778c005931
4ce9c54dcb70bf19d93fee8de348f2dec7a3e0ad97d8cebe455c5ec6a0339158
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e2a81fb715365b53997c031e6531c2a00efc726dbdea8f2696a436f32c3e2dc
4e40a578ef050b61f0e9686b388fef8160fc040da54727a3c90f4e516b014ff8
4ef19840e6c9c893550e11abe3de658e2fa437270d2b22a53f4704d1faa58c52
510e508f7ec042f813456db9ac58c3a2639750e116a41ab9d6acb76a56bb081d
522a6fbf4dc73787f19a128312f1b3935499519014f6f61bd8b38b822220a200
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35
55512c0405f77d449a185fde8d0446aa9db032ad6fedea57803c4364963ccd78
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5c1e225741a0555d113b441a6de8114fc1a2d9d18e125a751ed6ebf25f025f5e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e212f9be2fcc03a0553b54beb6816b8b900357923b1c62a5f2cddf805671d93
5ed7b6cf6d2a06883584be8400bcb88262dfed36c89f1d23010d599fc6742e5a
5edbfc91b293434268e8a8cfdb62eca0f67d28c11e180dcfe9438b968eb2de8f
5ffabf2ab38c805e44ed6a45c706a959675441e7ad4c4dde830e2a29fddd0cc0
6028fce5a28e67f3df4c55e9d8526299b7c88fdbf48e314748729a25cef3ea23
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6334fbd395d918031eb0b8d8bef86c076323586a9549f9d5429a407f311acc86
637372e086c7d644857dd68c9b0dc6b893c6599561b79a6845819991ef755f0f
64b2c3b7abee66c4ac1a8214db14125492989dfa09a90d785237f95d77001a63
657322526fc230132d37f8c19daa8253c28fd07f3e9bd2c79f27d6c535c71295
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
669c5590d5df7c4402e1d28fad7a586de4f7c0d2dd45a2823b7c50f215dc6b5b
67cd18a7fda508e2078d2cdaf3ebc292d4bfa8add9e8f312804d384151655d13
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8c88207f9e61a4dcb960ea1e5139c581516d12fa52347230346f7a827727be
6b279888887a96cb76553ae053cf82e65f74ce91ea29e15d14cd6b9fb159aacc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7092331fc692253229091474d0c1b1d3549b0db4a624fa8a3e72135101701102
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7238af0cd91f8d8a4bb3a152085a575d1823e71b7c7bd9eac22bfff0a9141349
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
756f7d91408734d467c10f89114da3e1cf9b9b94c30d0a9ebc61aed91a74e260
765fa014efe6f05589a4e00d03786d79ddf81b034955d0f641db2ca760e036ca
7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f
77b8df2737a1d747296997d643be5a405c272aa1f3822a2f2d8cf195a027f9ec
790ed97f913e3a42a6fc482cd444ccbdeff27af8f36a52f52f939e8ad08d9f14
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a9936e907d1486ae29caddd205b9b5d561bd5902d0ee790a83432af960d9237
7d239c1b42a2d3a3ffd0535c3945313fc8ec596eceab17eda303e0d82860f218
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
7f42bc84d36d1e8cae0281bed43f777e557c262d267e98d57597936721b511c0
80076c8128ba70e888a80aae8ee7d822e6e12c179ace9a5ada9b48bf85112680
8031d6b7eba9c47ac1879c70c09f5f6cb5886016b29dac3460aa8fa8621db810
80a3285b6007febe9b4427b610014ac8504cd0551f75afd28677f8f2abfd8518
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
863402490bc3676ecb6de7dd3abfb74af81985c05691efb1f9a201498b49f78e
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587
897a836a152c9cde8774ffbd7c3be36e5162b4e3440fd0013eeb6cf62b4a872b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8f18878cfe58549585192ad6d4e796d1d1225755f4ec217dc2cd87ea9ec72b4e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
949c58865846cf546ce4493e289ae759fda2f3adc140fe5d532b6ea4525aa2f0
94b4083572be8dbd55c635c1702c9f192463e13c01cb7b25af3f5d8e0d454980
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96de2614c2fd3059a93fdb5e87db045c018a13677d1286f018b3c794cb9cf130
981c6b07af25c255168cb3d6437a3270a73c2f4d201fbf6fea2685ae7d4c5005
98b4a154fd03a725de31cfaa74c31f30ac91c8511e11f3d4eafdf19cc48e1083
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
98f954e7800642205e2617e1052c1f0eff5d93ade8eff534b8ad7a3616ce0809
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b781bc4f98ff2cd86562500515f897bad3af128f289abaa6a7193c42cfc779f
9c5a300e1bffda500ddb65f39dadae505b90cc72bda4e6ca088d686bbc18a07a
9d83335d8e41e5a2ccbb3a1b3718fb650edbe2e162608748d14194407f2d381c
9dc31c58ee985c67762281ac8736adcf1e95d632195953531725e20607442baa
9fc0a0136110c52f912bde802f18e2646b808b7b4ae53705dcf848a879245cc1
9ff245e79b2ad34f78d82398ba24e0119d26371ebc7cd2f9b19d7339b2880519
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1635a3db21d771d13a8b0566763d96deb112fba03965f361fc26c56a45c7cd5
a3e4d16498e0ca9ac66adab8d9042327d1e7de8a27a12ac419a9b55b31fd605e
a63dbfcc290b16ae588f99e103d58daf6cc0298a4c64668a182dd6bb95b83b4c
a722f805651528878bc9431a6940cf5c80ee23b433f28d39026222d55172b5b6
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a94ec9812941289a8e9d6078fc64babf21d5f4b779d6f6a61a9946dbb87a73df
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
af6aeb41cbb2f95fe10b13f79a4a988bee56874536aebda90c90fd0e3275e9fc
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b079ce75fb3ca734c45e44fb7888bb12cd8ea68aab0a7f2dded81f9ebd8e2fe8
b112593bfa75dc55bb4391dd872cf9feb1f7f92355fc47f5ba043956841d1ecb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24d5e3a3f1e062ad3be639bed38431f876be35ad58f7287705ec9e2496ec990
b2cfb2884940239d4ca4430eeaf685a24b944c955f9385aec8d88e9818966962
b564389f3a3d3678dfa0feaaa909e0990e5620d13572e7432f301f8de6fc5b05
b5e8e88324db27839e79e31bc89fb035b70222cd3cf141b8bdc8a5d36896f2fd
b663da6a9b1ab55ee08a0b6c094da7b43d045493c9263b7bb15d1c53d57300e7
b6efbfaae36aa53ee47566894c4127095bd5e90ff1d974669b5e071ab3cfa657
b6f3cae8985724c4c35cb78a0abc3a3311124f070600db1d361f31b590500a45
b9b13fa21a1419e6c3b7cb99e74cab04e14213f44a02297f3f5745f68eca9bf2
b9d286e34f4966c9930d0bcd7d32e4f80e0e9b45ba493d3f71e5ff695ab7d92c
ba0da38f43fa73e7bf4f78b9d387519971bfb8146ef867db97bc643d58b13dbe
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca9c2fd57f990729288dc6498b576327d4e75a45a9d8af2b3b07f8f2d6582d3
bd445832f140e616125496d3688dbd4f3824a26d950037166948afd03a7da00b
c1a5317f17e27b81c83c6f70a67e2788aa2df9a96bd14d4a65e5504112b07a48
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2271d2fb55418eb8a76beae80659aa6e03bac30f25b5a0f8eca07e479b8f719
c337a53788470ecffbd05b567caa326760b4b6322c7162c40deaef6f1749f759
c4546487f2a7651a5f230593e4406632a49d4861d90c18e807631ab845259027
c46c67561e592db6a8319a1304842bfe7c332980ab022d769c158a09c2802287
c8d4bbc38eca000e5c5a89c8cfce2624f92b7431529900ac9402f8c593f82f2b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab8c437774fa13533ce1bcf5527b508c95e263eecb79fdd5f2a5cec5b683bbe
caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
cb0e8af991923ae082ece2b6ab957ffc6348cf46a74ca771c65dd433768b9c12
cc2cc7100f193c7b9d192602ef1e101d953da77d2fbe324143ae5354468df8f1
cc96a5d94b9fd891933746d77fe60cf4f3a7d45d1cab93a712ca21f331612cbe
cd52fe529da42ee00936b62eed815e85eb39905d74fbe23fadb298fece155bce
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cf1e386e924d2efc06becda04be0174ee75e5c215eba2215324b91830dc8c208
cf7fa00b9e1d696bce006b3a599f03086f44987c6b19b4dda8063c69a403df25
cf915bcbf546788b14cbe416eebf1829aa8aa9b593c26ef8ac7cfb9673d9d27e
d2d95ba8641781c36bdb6b9f4b99e2c06c5eadad5b3f0aacbed45a6171eec5a7
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d69a9f3c08cd8956e296e270939045762240cdd0eb8c0e655c7169d16c71c336
d7b399332f378a5fe89eea3ac1f4f98e1ec7c66c20a5ebe9c0a2bd16032b4666
d7e0f6082fa9f501722dff1d7451cf57166644c5ea6eb17e2afd8eeca3399a9a
d80e7adb95690837115b2d0b847caa38ceb1a10f601488e45b017fe83820d97b
da7d92b3065937b7a9a10128d93b11b9696f9abdb50ee6d82c75622fc5194e6b
ddecf48c7543346caf5a898adf0c24e98432e376bdabc919234aeaa6899bcfc1
de0a9bf9c2b2bfb5addc32902d7d7f4d54c18b074a44ca78df939a59d5a0c419
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df16953d31da536276eb6ee4d7fb9ce35adcc69d842b9afd2785894c2fe3f0dd
dfcb6fe4c954fc60b77811e62dc5ecac1de4af8bee9408d45b86b0c5115691d2
e047efdd60b846ea6313bc584ae40625eb0619525292579e2675acd9b90c6f10
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e20ea9043d89f8bc2899c0ae8ab78a439ae8d84998a152128d1e835c5a217d48
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eef507aecaefef7657410df82e442ad2b28afcc84c9c132513fe5458dc3f20
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e7e009ad2e30b1af7b136aa88198b28d8886b89eb9e37c674df0238ce41fee7d
e86e207ff93534c44593c2f1deeef300fec21e2aee47dc1bd0a948468e91fbca
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
ea29cedb42034202cd6a87c82c0e31bc569257106f052859698d86c1364e580f
ed2e8aa3a6b4844c94cdda60c704daeacf5649cf1ac0f43fd2520a12b09d6fff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
ef7e509360c81e98745dc1e6928bcb48533d141cc28cd7abca82bded598c21e6
f0c3f79fc805615e46b752c294e68900e3ca6826c46db082c9e903d94298bcc8
f11d0190d676c1a0772b71b30549e6b2566646cd65dd572f43a9cccb90f99a4c
f1616587502f3157136bf04fdfc60e3c8035662bc55cf4d632b3c9f1e0e30583
f265cada4106c5502f0ca98671a23690d87c37d7c08915cdb5db0a870625a55c
f3cd8fb4bf8737d083b573ad20b8330ec26b752a2f8958c727590c9cdd490609
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
f9fa705edb441f1715235adf1ddbfb2887e61b60f9263465645df8f75bd84cf4
facf3d3a4ac6bcb57258383c7a817ddf250012d0b50b4a120b0f5213035d79e1
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fccd14c4247e5f4427fbefa7d856ddc9b99fd895a18c48ef3f643ee67c83c24d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.sonora.id Open in urlscan Pro 2600:9000:243d:2a00:0:ddab:1ac0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

308 Requests

96 %HTTPS

51 %IPv6

47 Domains

75 Subdomains

64 IPs

12 Countries

3622 kBTransfer

8020 kBSize

52 Cookies

11 Outgoing links

Page URL History

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sonora.id Open in urlscan Pro
2600:9000:243d:2a00:0:ddab:1ac0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

96 %
HTTPS

51 %
IPv6

47
Domains

75
Subdomains

64
IPs

12
Countries

3622 kB
Transfer

8020 kB
Size

52
Cookies

308 HTTP transactions
10 data transactions