www.haibunda.com Open in urlscan Pro
2606:4700::6812:154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.haibunda.com/
Submission Tags: falconsandbox
Submission: On October 15 via api (October 15th 2021, 3:12:11 pm UTC) from US — Scanned from DE

Summary HTTP 345 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 53 domains to perform 345 HTTP transactions. The main IP is 2606:4700::6812:154, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haibunda.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 6th 2021. Valid for: a year.

This is the only time www.haibunda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6812:154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	203.190.242.172 203.190.242.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
22	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6810:5c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	203.190.242.102 203.190.242.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 17	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2 6	13.225.87.8 13.225.87.8	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.58 18.66.97.58	16509 (AMAZON-02) (AMAZON-02)
11 32	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.99.104 13.32.99.104	16509 (AMAZON-02) (AMAZON-02)
1	54.148.74.183 54.148.74.183	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
35	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7 13	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
8 11	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
7	203.190.242.244 203.190.242.244	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1 1	34.250.206.93 34.250.206.93	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:c800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.85.44 18.159.85.44	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1 1	2600:9000:223... 2600:9000:223f:f600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:400a:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
1	103.49.221.173 103.49.221.173	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	54.77.217.29 54.77.217.29	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:12::6	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	103.49.221.102 103.49.221.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	18.197.87.177 18.197.87.177	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1 1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
1 1	18.192.155.173 18.192.155.173	16509 (AMAZON-02) (AMAZON-02)
3 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	54.36.109.47 54.36.109.47	16276 (OVH) (OVH)
345	49

16 2606:4700::6812:154 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 203.190.242.172 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com

cdn.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:5c12 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 203.190.242.102 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com

akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.124.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.87.8 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-8.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.58 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 216.58.212.162 (Mountain View, United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.74.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-74-183.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.21.141.232 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.173.22 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 203.190.242.244 (Bekasi, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-244-242.190.203.detik.com

newrevive.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.206.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:c800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.85.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-85-44.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.49.221.173 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-173-221-49-103.detik.com

connect.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Gelsenkirchen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.217.29 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-217-29.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:12::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzne6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.49.221.102 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-102-221-49-103.detik.com

images.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.87.177 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-87-177.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.155.173 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-155-173.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.47 (France)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	346 KB
57	doubleclick.net 11 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net bid.g.doubleclick.net	302 KB
51	haibunda.com www.haibunda.com cdn.haibunda.com	1 MB
36	detik.net.id cdn.detik.net.id akcdn.detik.net.id	729 KB
30	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5lzne6.c.2mdn.net	2 MB
20	detik.com cdnstatic.detik.com kayumanis.detik.com Failed newrevive.detik.com connect.detik.com images.detik.com	194 KB
19	google.com fundingchoicesmessages.google.com analytics.google.com www.google.com adservice.google.com	73 KB
17	eyeota.net 6 redirects ps.eyeota.net	10 KB
15	vidy.com static.vidy.com api.vidy.com	336 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com	11 KB
11	adnxs.com 8 redirects ib.adnxs.com	10 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
6	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	148 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	google.de www.google.de adservice.google.de	2 KB
3	demdex.net 2 redirects skydeutschland.demdex.net dpm.demdex.net	3 KB
3	w55c.net 3 redirects pm.w55c.net i.w55c.net	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	127 KB
3	googletagservices.com www.googletagservices.com	112 KB
3	facebook.com www.facebook.com	522 B
3	taboola.com cdn.taboola.com	145 KB
3	googletagmanager.com www.googletagmanager.com	124 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	633 B
2	avct.cloud 2 redirects ads.avct.cloud	960 B
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	897 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com	689 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	quantserve.com cms.quantserve.com	926 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	893 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	facebook.net connect.facebook.net	171 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
1	id5-sync.com id5-sync.com	1 KB
1	rfihub.com 1 redirects p.rfihub.com	753 B
1	avocet.io 1 redirects ads.avocet.io	243 B
1	ml314.com 1 redirects ml314.com	490 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	473 B
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	exactag.com m.exactag.com	1 KB
1	smaato.net 1 redirects s.ad.smaato.net	439 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	340 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	turn.com 1 redirects d.turn.com	438 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	897 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	11 KB
345	53

	Domain	Requested by
35	pagead2.googlesyndication.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com www.haibunda.com securepubads.g.doubleclick.net
35	cdn.haibunda.com	www.haibunda.com cdn.haibunda.com
32	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com www.haibunda.com
27	s0.2mdn.net	www.haibunda.com s0.2mdn.net
27	akcdn.detik.net.id	www.haibunda.com
21	tpc.googlesyndication.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net securepubads.g.doubleclick.net
17	ps.eyeota.net	6 redirects www.haibunda.com ps.eyeota.net
16	www.haibunda.com	www.haibunda.com cdn.haibunda.com static.cloudflareinsights.com
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
12	fundingchoicesmessages.google.com	www.haibunda.com
11	ib.adnxs.com	8 redirects googleads.g.doubleclick.net
10	images.detik.com	www.haibunda.com
10	securepubads.g.doubleclick.net	www.haibunda.com securepubads.g.doubleclick.net a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
9	cdn.detik.net.id	www.haibunda.com
8	static.vidy.com	www.haibunda.com static.vidy.com
7	api.vidy.com	static.vidy.com
7	newrevive.detik.com	www.haibunda.com newrevive.detik.com
6	googleads4.g.doubleclick.net	www.haibunda.com
6	googleads.g.doubleclick.net	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com www.haibunda.com
6	sb.scorecardresearch.com	2 redirects www.haibunda.com
5	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	rtb.openx.net	4 redirects
4	www.google.com	www.haibunda.com a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com static.vidy.com
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	www.googletagservices.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
3	www.facebook.com	www.haibunda.com
3	cdn.taboola.com	www.haibunda.com cdn.taboola.com
3	www.googletagmanager.com	www.haibunda.com www.googletagmanager.com
2	sync-tm.everesttech.net	2 redirects
2	ads.avct.cloud	2 redirects
2	sync.1rx.io	2 redirects
2	r1---sn-4g5lzne6.c.2mdn.net	www.haibunda.com
2	skydeutschland.demdex.net	1 redirects a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
2	csi.gstatic.com	imasdk.googleapis.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
2	imasdk.googleapis.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.de	www.haibunda.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	sync.mathtag.com	2 redirects
2	match.adsrvr.org	2 redirects
2	connect.facebook.net	www.haibunda.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync.search.spotxchange.com	1 redirects www.haibunda.com
2	cdnstatic.detik.com	www.haibunda.com
1	id5-sync.com
1	dpm.demdex.net	1 redirects
1	p.rfihub.com	1 redirects
1	ads.avocet.io	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	ml314.com	1 redirects
1	i.w55c.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	m.exactag.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
1	connect.detik.com	cdn.detik.net.id
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s.ad.smaato.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	static.adsafeprotected.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	fonts.googleapis.com	a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.haibunda.com
1	certify.alexametrics.com	www.haibunda.com
1	analytics.google.com	www.googletagmanager.com
1	d.turn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	certify-js.alexametrics.com	www.haibunda.com
1	static.cloudflareinsights.com	www.haibunda.com
1	cdn.jsdelivr.net	www.haibunda.com
1	www.gstatic.com	www.haibunda.com
0	kayumanis.detik.com Failed	cdn.detik.net.id
345	81

This site contains links to these domains. Also see Links.

Domain
connect.detik.com
www.facebook.com
twitter.com
www.instagram.com
www.detik.com
www.youtube.com
pasangmata.detik.com
adsmart.detik.com
forum.detik.com
event.detik.com
poin.detikshop.com
www.transsnowworld.com
www.transstudiobandung.com
www.cnnindonesia.com
www.cnbcindonesia.com
www.insertlive.com
www.beautynesia.id
www.femaledaily.com

Subject Issuer	Validity	Valid
*.haibunda.com Thawte RSA CA 2018	`2021-07-06` - `2022-07-29`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2021-01-30` - `2022-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.detik.com Thawte RSA CA 2018	`2020-11-14` - `2021-12-14`	a year	crt.sh
vidy.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-09-28` - `2021-12-07`	2 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.haibunda.com/
Frame ID: 2F5BCA56E63F5AB8CDA461BD3E69CACE
Requests: 190 HTTP requests in this frame

Frame: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA0499418573173BC55A918598376067
Requests: 1 HTTP requests in this frame

Frame: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3CE88E5EBA0157571BF5B8E7D4DAE51C
Requests: 14 HTTP requests in this frame

Frame: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E279A7AEA3B5155F230A8A64D649D9DF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc
Frame ID: C03DBD531FF44E75A82B60254AC0664C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8
Frame ID: 33DF409627AAFB309B5F4E935812E31D
Requests: 5 HTTP requests in this frame

Frame: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E3C2778C50AD36C874450F6F2342BA8
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0AB269A3645F4F4A663207085CCD6C77
Requests: 9 HTTP requests in this frame

Frame: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92B1FFB82A11AC1638CF083CCAA705B6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D6E8E88991AC2117D5789F60A120D103
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC502535883128DE91519FCE229857DC
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
Frame ID: 943C9D9757D3579481A40A8295F03FD4
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
Frame ID: 56429603DD73ECCB4AE8FAFB053A35F0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4
Frame ID: 09D18D839FFDD629FDBF1D7DE1B07848
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0895974EBB235F515448EDEEB7B7096F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5FBD18C7EC10583463A68D059CB95353
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E6B81CD03B04A39E4BBB4B4B739719D
Requests: 3 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Frame ID: D1E081ACB6ECF8B94D571E4CEF913F40
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
Frame ID: 98CD7EA7060527DC519F50FF47252FEE
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A52644A8B86B29BAA28481109D6E6D52
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0F8B74F54F47668C711506859A284554
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9B29F57BBA4374792407077F393F402A
Requests: 3 HTTP requests in this frame

Frame: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Frame ID: 9D8A671B2E7BEE3F06163EFAD47358D5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: 50776891BF6BBCEA4901261BC18A4579
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: 5B7BEEBEAD5FB37ABD0874B9D02FF630
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: FAD33DCD572B12631FC2CAC1CCDF3925
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4F70D8C2D8C0D2DFD43F7F49A9B796FC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 650F14FD608548EDB48795012F1F7DA4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Informasi Terkini Kehamilan, Parenting, dan Mom Life - Haibunda.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

345
Requests

99 %
HTTPS

44 %
IPv6

53
Domains

81
Subdomains

49
IPs

10
Countries

5671 kB
Transfer

12147 kB
Size

73
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.detik.com/oauth/authorize?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://connect.detik.com/accounts/register/option/?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/authorize?clientId=10166&adult=1&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HaiBundacom/

Search URL Search Domain Scan URL

URL: https://twitter.com/haibundacom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haibundacom/

Search URL Search Domain Scan URL

URL: https://www.detik.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/HaiBundacom

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transsnowworld.com/
Title: Trans Snow World

Search URL Search Domain Scan URL

URL: https://www.transstudiobandung.com/
Title: Trans Studio

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/
Title: InsertLive

Search URL Search Domain Scan URL

URL: https://www.beautynesia.id/
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://www.femaledaily.com/
Title: Female Daily

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=

Request Chain 42

https://sb.scorecardresearch.com/cs/8443234/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 49

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=

Request Chain 52

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=403c0b4a-2dca-11ec-8af7-16821cb20506

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkY1WkNBSGs5UHgtRUNBbnduMjd3alRRMWJpUzd2QWxVTnIyUWgxTm51b0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkY1WkNBSGs5UHgtRUNBbnduMjd3alRRMWJpUzd2QWxVTnIyUWgxTm51b0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKCaKLH5JvhHCxiT1Qr-Rcc&google_cver=1

Request Chain 61

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=28c9cb88-e2cb-462d-a28c-3a071602ac5c&bid=1e2n4ou

Request Chain 62

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=a42c6169-9a42-4e00-a2ba-f5a7ea6de5c5&referrer_pid=mli4m40

Request Chain 63

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-S._zgMZE2pUfsON8Y4K8SqRJepwny1UFjUE-~A

Request Chain 64

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40 HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4162784312116736838&newuser=1&referrer_pid=mli4m40

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Request Chain 158

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U_lwe_-VMAHtODnAgYWXDDrKJ0IRCQ&google_gid=CAESEFlyz22wlLK2VXGjsuJrcjU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U_lwe_-VMAHtODnAgYWXDDrKJ0IRCQ&google_gid=CAESEFlyz22wlLK2VXGjsuJrcjU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxNTEyMDMwMDA4NTU2OTQyNDQ0OQ%3D%3D&google_push=AYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U_lwe_-VMAHtODnAgYWXDDrKJ0IRCQ

Request Chain 159

https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&google_hm=8U7wcaahzlIcy11uuKZk3A==

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8KGhGzJ7LiWp4b4sCEiD8&google_cver=1&google_push=AYg5qPJpa-q6A9j2IgEH3KL7aSte8FQAnhuJed-roXOed1x7Tzop-skSCSI_nt6Ns5xttx1cI9jl3NToRITOd_o8ainbcsAsnzk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8KGhGzJ7LiWp4b4sCEiD8&google_cver=1&google_push=AYg5qPJpa-q6A9j2IgEH3KL7aSte8FQAnhuJed-roXOed1x7Tzop-skSCSI_nt6Ns5xttx1cI9jl3NToRITOd_o8ainbcsAsnzk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJpa-q6A9j2IgEH3KL7aSte8FQAnhuJed-roXOed1x7Tzop-skSCSI_nt6Ns5xttx1cI9jl3NToRITOd_o8ainbcsAsnzk

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIGbKMA89Mt8Ivirk0p332SUhH5A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQM0MtMVUtNzRJRw==&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIGbKMA89Mt8Ivirk0p332SUhH5A

Request Chain 162

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU

Request Chain 163

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH2PlsgbOnd568_vj0OTFNM&google_cver=1&google_push=AYg5qPKRwJEA9CVKF4VyXCV5bD8V52FNWNHYAHQzvuMk9HjKKQF3bKLGhEc-Bk3Ty5DgfOlPewNlGWW-_6sKrdAbU6IbWxHAYtQ2Uw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRwJEA9CVKF4VyXCV5bD8V52FNWNHYAHQzvuMk9HjKKQF3bKLGhEc-Bk3Ty5DgfOlPewNlGWW-_6sKrdAbU6IbWxHAYtQ2Uw&google_hm=

Request Chain 168

https://pixel.adsafeprotected.com/rfw/st/826939/57461179/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 173

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt91-Bq8lXVWavCDy_CJsySBGZsI1BPSnttQJlkumydPGsR-g6oWU6J HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt91-Bq8lXVWavCDy_CJsySBGZsI1BPSnttQJlkumydPGsR-g6oWU6J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVRvVXpWYU8xTUJvU241&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt91-Bq8lXVWavCDy_CJsySBGZsI1BPSnttQJlkumydPGsR-g6oWU6J

Request Chain 174

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFSyqfYuRKI7irZBAm2stGE&google_cver=1&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1OoyGx54BcWOy7l7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=pCxhaZpCTgCiuvWn6m3lxQ&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1OoyGx54BcWOy7l7

Request Chain 175

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEPlgKUn1l3z6wEdtqoaDsc&google_cver=1&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qPedU-DoE_SeG54t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMxMTEwNjgwNTUyODcyOA%3D%3D&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qPedU-DoE_SeG54t

Request Chain 176

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDlbfYsyf5A56aJoKWPryWM&google_cver=1&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU01jeBNzj06vrhXNYUYdo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDlbfYsyf5A56aJoKWPryWM&google_cver=1&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU01jeBNzj06vrhXNYUYdo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMxOTY5MDIzNzMwNjg5MTA4NA&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU01jeBNzj06vrhXNYUYdo

Request Chain 177

https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&google_hm=8U7wcaahzlIcy11uuKZk3A==

Request Chain 178

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECjSWgWPLy8zIe5md2y49yc&google_cver=1&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L--0ysKu4PD2M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L--0ysKu4PD2M

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1

Request Chain 198

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Request Chain 201

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k6oDpYmOEEfcd1N5knHEbQ6_U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQNjItMVotQVE5Rg==&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k6oDpYmOEEfcd1N5knHEbQ6_U

Request Chain 206

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr_consent=

Request Chain 212

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/82F5DA85F1E7BD13C4073A27A00CD4C61C8FED96.38EE35CA88E3360892AF901DAB7F48F01A1D5788/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2D0E0DC3A9202C9557F95E7A58F47D449E0E0014.0B0CFCC34A8AB609ADA4522A8D9A865E7BE1E1F3/key/cms1/cms_redirect/yes/mh/ZC/mip/2a01:4f8:a1:1a1:86::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1634310303/mv/m/mvi/1/pl/42/file/file.mp4

Request Chain 246

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8KGhGzJ7LiWp4b4sCEiD8&google_cver=1&google_push=AYg5qPLtZHx35UaIZSHUun7N963N4C0rHF_Z6AY3qj1_znJiIb3bBGxpHu81Fw86n2DLcTw3r_tXwG1_pTrUFTHnakh_QaknZhiMrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtZHx35UaIZSHUun7N963N4C0rHF_Z6AY3qj1_znJiIb3bBGxpHu81Fw86n2DLcTw3r_tXwG1_pTrUFTHnakh_QaknZhiMrA

Request Chain 247

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsceg0kdotfheJOvWEdB-7yxNkgtuoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQR1otMUotNkdVRA==&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsceg0kdotfheJOvWEdB-7yxNkgtuoA

Request Chain 343

https://sync.1rx.io/usersync/eyeota/0?dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/eyeota/0?zcc=1&dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D&cb=1634310727600 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f2557d63-e967-45fe-8402-adf67f41b058-003?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3DRX-f2557d63-e967-45fe-8402-adf67f41b058-003 HTTP 302
https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-f2557d63-e967-45fe-8402-adf67f41b058-003 HTTP 302
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D1%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26 HTTP 302
https://ps.eyeota.net/match?bid=9sn4omv&uid=QToUzVaO1MBoSn5&newuser=1&dc_rc=1&dc_mr=5&dc_orig=d6m4omv& HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2XZ8kjDdrPPk13TAnAQttd7-6K3QVtxL-O-ou5R4Y0F4&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&dc_rc=2&dc_mr=5&dc_orig=d6m4omv& HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9202273308&_puid=2VksjrwI_lxFwElNGwFyU1ObW4-ouVqKMUYSAXE19S_A&_redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dc9gd69u%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D HTTP 302
https://d.agkn.com/pixel/1716/?che=1634310728&sk=164900403940000254243&puid=2VksjrwI_lxFwElNGwFyU1ObW4-ouVqKMUYSAXE19S_A&as2=&l1=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dc9gd69u%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D164900403940000254243 HTTP 302
https://ps.eyeota.net/match?bid=c9gd69u&dc_rc=3&dc_mr=5&dc_orig=d6m4omv&&uid=164900403940000254243 HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A HTTP 302
https://ps.eyeota.net/match?bid=b2c3gb0&dc_rc=4&dc_mr=5&dc_orig=d6m4omv&&uid=880d9bb8-e1cd-4f31-a07d-566a001bb47a HTTP 302
https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559721307838183&bid=omt9pi0

Request Chain 344

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c8482939c-7770000010f5fec&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?bid=6j5b2cv&uid=80840318566997199644075030411070147123&referrer_pid=mli4m40

Request Chain 345

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40&_test=YWmaRwAJUh2-WwAT HTTP 302
https://ps.eyeota.net/match?uid=YWmaRwAJUh2-WwAT&bid=0rijhbu&referrer_pid=mli4m40&_test=YWmaRwAJUh2-WwAT

Request Chain 347

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40 HTTP 302
https://ps.eyeota.net/match?uid=1762185249949940899&bid=2cr76e1&referrer_pid=mli4m40

345 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.haibunda.com/ 54 KB
15 KB 430ms
237ms Document
text/html 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5d092b38d34c852f80e0993d25839cda55f201c5abbc75d1f3f1f57e272498

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:method: GET
:authority: www.haibunda.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'
strict-transport-security: "max-age=31536000; includeSubDomains" always
s: fe-publish3
x-cached: EXPIRED
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69e9fbb5bb494e8c-FRA
content-encoding: gzip

GET
H2 200 haibunda.wp.style.css
cdn.haibunda.com/css/ 216 KB
27 KB 691ms
219ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 09:36:56 GMT
server: static8
cache-status: MISS
etag: W/"607414b8-35fa2"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda.cb.css
cdn.haibunda.com/css/ 13 KB
3 KB 691ms
219ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 03:14:56 GMT
server: static8
cache-status: MISS
etag: W/"61109db0-3396"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 87 KB
31 KB 784ms
194ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 07:01:24 GMT
server: static8
cache-status: HIT
etag: W/"60bdc444-15d9d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtmdl.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 4 KB
1 KB 785ms
195ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/gtmdl.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88e-e65"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.ads.css
cdn.detik.net.id/commerce/desktop/css/ 9 KB
3 KB 783ms
194ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/desktop/css/detik.ads.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 03:46:21 GMT
server: static8
cache-status: HIT
etag: W/"5ddf430d-255c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dtk_commerce.js Show response
cdn.detik.net.id/commerce/commerce/ 2 KB
956 B 784ms
194ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/commerce/dtk_commerce.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

0356c516f36efead47f3474b418ff234ec7fa9a714947e955d4916dc43a1d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Mar 2020 09:00:40 GMT
server: static8
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e748638-623"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 48ms
18ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

caf8b3154c881006e3fff68f85302af4749a87a093b4694a303d1cc493ffecda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 988 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27197
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 portal.dc.js Show response
cdn.detik.net.id/libs/js-itportal/ 1010 B
860 B 784ms
194ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/js-itportal/portal.dc.js?v=1.0

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static8
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e5f7ec3-3f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eyeotadtk.js Show response
cdnstatic.detik.com/live/js/ 312 B
533 B 1219ms
216ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/js/eyeotadtk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s2-172-242.190.203.detik.com
Software: static8 /
Resource Hash: 7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
last-modified: Thu, 17 May 2018 07:29:06 GMT
server: static8
barrier_2: MISS
cache-status: HIT
etag: W/"5afd2f42-138"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed.min.js Show response
static.vidy.com/ 5 KB
3 KB 114ms
35ms Script
application/javascript 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/embed.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151585
age: 13068
x-guploader-uploadid: ADPycduucp1E7RaHqI00UwArDe8EfcmSwzdrsFkFYgo4HS71F6jevOr9EHHE9aSkC9nhqPBTW0tiZow7JQ3494_d-IY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:31 GMT
server: cloudflare
etag: W/"b145d7539e78b5b1784435a21008f41b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=6c3BQg==, md5=sUXXU554tbF4RDWiEAj0Gw==
x-goog-generation: 1632151650900589
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,s-maxage=14400,max-age=1800
x-goog-stored-content-length: 4803
cf-ray: 69e9fbb7da6e324c-FRA
expires: Fri, 15 Oct 2021 15:34:13 GMT

GET
H2 200 972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 8 KB
9 KB 932ms
216ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 04:44:40 GMT
server: static1
cache-status: HIT
etag: W/"5d3690b8-211e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login_loader.gif
cdn.haibunda.com/images/ 77 KB
74 KB 299ms
294ms Image
image/gif 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/login_loader.gif?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 09:23:47 GMT
server: static8
cache-status: HIT
etag: W/"5ea947a3-13516"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.png
cdn.haibunda.com/images/ 525 B
853 B 299ms
294ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-20d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb-icon.png
cdn.haibunda.com/images/ 931 B
1 KB 299ms
294ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/fb-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-3a3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter-icon.png
cdn.haibunda.com/images/ 1006 B
1 KB 299ms
294ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/twitter-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-3ee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-icon.png
cdn.haibunda.com/images/ 3 KB
3 KB 299ms
294ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/instagram-icon.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-a20"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
cdn.haibunda.com/images/ 225 B
518 B 299ms
295ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/close.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-e1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 225
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
cdn.haibunda.com/images/ 12 KB
12 KB 299ms
295ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-2f8e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.css
cdn.haibunda.com/css/ 2 KB
1 KB 220ms
220ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/pushnotif.css?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: MISS
etag: W/"5db2a88f-858"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico_haibunda.png
cdn.haibunda.com/images/ 2 KB
2 KB 609ms
605ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/ico_haibunda.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-8d2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.js Show response
cdn.haibunda.com/js/ 2 KB
1008 B 217ms
217ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/pushnotif.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 07:05:50 GMT
server: static8
cache-status: MISS
etag: W/"60dac64e-717"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo_haibunda.png
cdn.haibunda.com/images/ 13 KB
12 KB 609ms
605ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo_haibunda.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-3311"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo2.png
cdn.haibunda.com/images/ 7 KB
7 KB 609ms
605ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo2.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-1a35"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_fb.png
cdn.haibunda.com/images/ 2 KB
2 KB 609ms
605ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_fb.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-89e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_tw.png
cdn.haibunda.com/images/ 3 KB
3 KB 610ms
606ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_tw.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-b87"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_ig.png
cdn.haibunda.com/images/ 6 KB
7 KB 610ms
606ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_ig.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-1933"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_yt.png
cdn.haibunda.com/images/ 3 KB
3 KB 610ms
606ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_yt.png?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-b21"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda-wp-js.min.js Show response
cdn.haibunda.com/js/ 118 KB
34 KB 225ms
221ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/haibunda-wp-js.min.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 07:05:50 GMT
server: static8
cache-status: MISS
etag: W/"60dac64e-1d755"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgLiquid-min.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 225ms
220ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/imgLiquid-min.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-13f7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.6/ 294 KB
97 KB 39ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.6/firebase.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98890
x-xss-protection: 0
last-modified: Wed, 18 Jan 2017 00:39:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 04:23:19 GMT

GET
H2 200 firebase.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 225ms
221ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/firebase.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 05:11:48 GMT
server: static8
cache-status: HIT
etag: W/"5df1cc14-14d6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik-vertical.js Show response
cdn.haibunda.com/js/ 1 MB
268 KB 300ms
296ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

8e28ee83958f79c4b7b82921b30801ee1e53747e1165ab461d28439d1b6bb21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 03:36:26 GMT
server: static8
cache-status: HIT
etag: W/"613ec73a-152d8a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 refresh.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 1 KB
716 B 197ms
191ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/refresh.js?v=haibunda.3.4.3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88e-430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikLiveUserCounterResponse.js Show response
cdn.detik.net.id/libs/livecounter/ 37 KB
10 KB 204ms
198ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=9cee2307

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 08:01:26 GMT
server: static8
cache-status: HIT
etag: W/"60f7d456-921a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 51ms
23ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2811094
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19168-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69e9fbbf38fb7039-FRA

GET
H2 200 callback-revive.js Show response
cdnstatic.detik.com/live/_rmbassets/ 168 B
457 B 221ms
215ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/_rmbassets/callback-revive.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s2-172-242.190.203.detik.com
Software: static8 /
Resource Hash: f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
last-modified: Wed, 28 Apr 2021 07:59:13 GMT
server: static8
barrier_2: MISS
cache-status: HIT
etag: "608915d1-a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
accept-ranges: bytes
barrier_1: Static
barrier_3: HIT
content-length: 168
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 connectdetik Show response
www.haibunda.com/ 262 B
310 B 225ms
219ms Script
application/javascript 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/connectdetik?fn=onLoginClient

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:path: /connectdetik?fn=onLoginClient
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-cached: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/javascript
s: fe-publish2
cf-ray: 69e9fbbf0bd84e8c-FRA
x-xss-protection: '1;mode=block'

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 93ms
61ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69e9fbbf39c52b1a-FRA

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=

1 KB
2 KB

20ms
20ms

Script
application/javascript

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d8c45ed2c0e279ad57acc40a24b9a249027d7341f436fc16d17f308e76fa2295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: application/javascript
Content-Length: 1210
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
32 KB 53ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aff5d67c1c48053e7d3e22251e77dcdfce14265e5109bd870e463069acce4d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32670
x-xss-protection: 0
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0= Show response
fundingchoicesmessages.google.com/f/ 78 KB
28 KB 76ms
44ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

864370df7e2d2646b46e5bbb72bc1fa6cb549a5963b9e1286088b68c4c4ea4f5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-quX2JlQ8K3tB350cstLCdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-quX2JlQ8K3tB350cstLCdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-quX2JlQ8K3tB350cstLCdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-quX2JlQ8K3tB350cstLCdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/detik-haibunda/ 145 KB
24 KB 480ms
446ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.82.8 /
Resource Hash: ed77a2bd3ea133fd5e1078b0d91684562475ee49fdbb647e1873fa56a73d69a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 6VZL_luocuI4aojvVksoEePEABHLYPh7
content-encoding: gzip
etag: "b030af1bf51af67c3d1056f03c7acbb2ac48bf9d"
age: 0
via: 1.1 varnish
x-cache: MISS
content-length: 24057
x-amz-id-2: NcQC+A1l7HiWlxZstPrFp2iQAioRHjtaFSDyPIMNWhfTLQiW3GORnjK06/i8jh6yRFRDDxuH7B8=
x-served-by: cache-fra19126-FRA
last-modified: Fri, 15 Oct 2021 15:12:02 UTC
server: obaker.93.1.2-11.82.8
x-timer: S1634310720.681258,VS0,VE437
date: Fri, 15 Oct 2021 15:12:00 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: WK6D040992MZ17KJ
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 6
x-cache-hits: 0

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/8443234/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

14ms
14ms

Script
application/javascript

13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:07:29 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 2045
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zuvR5MXmJAnspJcOHY5fbbqPSHtR4xbfTm0EIQB-MIFsh4HG_qlLgg==

Redirect headers

date: Fri, 15 Oct 2021 15:12:02 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: QlcvrYHGyB4tEZNBPgzIqXT6o_5f2GQviXT0zgiGkV3TIm0y6mxEtw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
43 KB 44ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fba494ebb85f77289961ba57473465b23151e76c2cb2081fbc80d5c7f7db6613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44225
x-xss-protection: 0
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 opensans-semibold.ttf
cdn.haibunda.com/fonts/ 33 KB
33 KB 633ms
212ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-822c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 33324
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-new.png
cdn.haibunda.com/images/ 846 B
1 KB 652ms
651ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-new.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 07:18:08 GMT
server: static8
cache-status: HIT
etag: W/"5e576d30-34e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-regular.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 612ms
212ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-regular.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-ade4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44516
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-btn.png
cdn.haibunda.com/images/ 764 B
1 KB 648ms
648ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-btn.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-2fc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-light.ttf
cdn.haibunda.com/fonts/ 188 KB
188 KB 608ms
213ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-2ee74"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 192116
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%...
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C...

64 B
328 B

20ms
20ms

Image
image/gif

13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: hk552wCof4D0upDU04LP3nIWJo2YHdG1iPwC0-Z5SbbwLt2xymAauw==

Redirect headers

date: Fri, 15 Oct 2021 15:12:02 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1634310722461&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length: 261
x-amz-cf-id: HxkCej4eL1cXyycktOnxZ0veyBBrcyDuKdgbci8hn0yTBVUg_TLBsQ==

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 204ms
204ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 398 B
201 B 39ms
22ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176
x-xss-protection: 0
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=403c0b4a-2dca-11ec-8af7-16821cb20506

0
588 B

21ms
21ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=403c0b4a-2dca-11ec-8af7-16821cb20506
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Fri, 15 Oct 2021 15:12:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 72
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Server: nginx
Location: /partner?source=280136&sync_limit=7&__user_check__=1&sync_id=403c0b4a-2dca-11ec-8af7-16821cb20506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b7f9c63a4512492b1b6be19fe6db3cdb6d6c7ebb6236a5e889cf3c8bec48209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49395
x-xss-protection: 0
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 1505
date: Fri, 15 Oct 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 16:46:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 36ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25966
x-xss-protection: 0
pragma: public
x-fb-debug: SmKuwr7nuZ3WkQWqmwzSSxbyQCXDKOD1o0k8mk7OBvzdEw83SfYT94hfw/qZ0q7xIWHP+J8N8mlC09KcPRVWFA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 15 Oct 2021 15:12:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 47ms
9ms Script
application/javascript 18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 14763876
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: sBcSGy7yzClEVIfufPJvoSPBYcDeO-sy92SiWSkeunZWbo3JpxL72Q==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 12ms
12ms Script
application/javascript 13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 02:24:38 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 46111
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: IlaIN_S6_B_cdiuxZP0o2ktFZbkM5SToMbGyRjHcAaZOlneaSHOtIg==

POST
H2 204 AGSKWxUNaaVvv8bRyDsQ3CV5jVLYR-mlVqr8Vz86D5qcDk_-Rx-bPGKdHhTotrLmIYSzgUNhJmvkIp2iPZmLoi4Gatg= Show response
fundingchoicesmessages.google.com/el/ 0
918 B 50ms
25ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNaaVvv8bRyDsQ3CV5jVLYR-mlVqr8Vz86D5qcDk_-Rx-bPGKdHhTotrLmIYSzgUNhJmvkIp2iPZmLoi4Gatg=?pvid=A0502473-BF01-4349-BB80-78BEF0A5760A&anonid=7DFCD108-E02A-4511-AB27-EB682D94BCF0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uMy8O9i_-mc.es5.O/d=1/rs=AJlcJMyJCeTvOtxb_oY8-zs-g52rAvBHhw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dY60UEoDxJffYcQcVGxnAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dY60UEoDxJffYcQcVGxnAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-dY60UEoDxJffYcQcVGxnAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dY60UEoDxJffYcQcVGxnAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX1Su2q9SOOESpaTjDlFJqEo0ZFJxjrGJzvfx_1W2XQLFSXs_Z37Knz9j-aI4tWwBAOZ2T7bYn8PTJudoSPAas= Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1Su2q9SOOESpaTjDlFJqEo0ZFJxjrGJzvfx_1W2XQLFSXs_Z37Knz9j-aI4tWwBAOZ2T7bYn8PTJudoSPAas=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MzEwNzIyLDU0NDAwMDAwMF0sIkEwNTAyNDczLUJGMDEtNDM0OS1CQjgwLTc4QkVGMEE1NzYwQSIsIjdERkNEMTA4LUUwMkEtNDUxMS1BQjI3LUVCNjgyRDk0QkNGMCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7f6d88f14a3ac268f45a5105809ce350496af91174dbeb66b0eec6a5b7c929c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3KYBR5E9iRYku9JJZPqbVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3KYBR5E9iRYku9JJZPqbVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3KYBR5E9iRYku9JJZPqbVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3KYBR5E9iRYku9JJZPqbVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkY1WkNBSGs5UHgtRUNBbnduMjd3alRRMWJpUzd2QWxVTnIyUWgxTm51b0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkY1WkNBSGs5UHgtRUNBbnduMjd3alRRMWJpUzd2QWxVTnIyUWgxTm51b0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKCaKLH5JvhHCxiT1Qr-Rcc&google_cver=1

70 B
440 B

11ms
11ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKCaKLH5JvhHCxiT1Qr-Rcc&google_cver=1
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=mli4m40&google_gid=CAESEKCaKLH5JvhHCxiT1Qr-Rcc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=28c9cb88-e2cb-462d-a28c-3a071602ac5c&bid=1e2n4ou

70 B
440 B

12ms
11ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=28c9cb88-e2cb-462d-a28c-3a071602ac5c&bid=1e2n4ou
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=28c9cb88-e2cb-462d-a28c-3a071602ac5c&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?bid=7vi0rg0&uid=a42c6169-9a42-4e00-a2ba-f5a7ea6de5c5&referrer_pid=mli4m40

70 B
440 B

10ms
10ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=7vi0rg0&uid=a42c6169-9a42-4e00-a2ba-f5a7ea6de5c5&referrer_pid=mli4m40
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ps.eyeota.net/match?bid=7vi0rg0&uid=a42c6169-9a42-4e00-a2ba-f5a7ea6de5c5&referrer_pid=mli4m40
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 15 Oct 2021 15:12:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-S._zgMZE2pUfsON8Y4K8SqRJepwny1UFjUE-~A

70 B
440 B

30ms
19ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-S._zgMZE2pUfsON8Y4K8SqRJepwny1UFjUE-~A
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Fri, 15 Oct 2021 15:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-S._zgMZE2pUfsON8Y4K8SqRJepwny1UFjUE-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=mli4m40
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4162784312116736838&newuser=1&referrer_pid=mli4m40

70 B
440 B

23ms
11ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4162784312116736838&newuser=1&referrer_pid=mli4m40
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:02 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4162784312116736838&newuser=1&referrer_pid=mli4m40
pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 17ms
17ms Image
text/plain 13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1634310722550&ns_c=UTF-8&cv=3.5&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c7=https%3A%2F%2Fwww.haibunda.com%2F&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: _q--9m6ac-BTqZgK3K6v4SzdM5AyqYcRZKGvf20SeZNSptPwnkeTJg==
x-cache: Miss from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
165 B 17ms
15ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LW7SH9Y4G8&gtm=2oead0&_p=1766909678&sr=1600x1200&_gaz=1&ul=en-us&cid=1171546119.1634310723&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sid=1634310722&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
369 B 51ms
17ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LW7SH9Y4G8&cid=1171546119.1634310723&gtm=2oead0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 58ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LW7SH9Y4G8&cid=1171546119.1634310723&gtm=2oead0&aip=1&z=2137299879

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 304159643041671 Show response
connect.facebook.net/signals/config/ 492 KB
145 KB 313ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb22aa4df5bc50c9504a6d0138dc990da569f3a95906fc2d68b80f7715177b16

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 147899
x-xss-protection: 0
pragma: public
x-fb-debug: heseQ5EDFopmFZl4KmdvfizXgraOdGUzh4CtJny+L9fT5Vu19NvR/O3cxVz9tOqHfv5WElcpu+EVEvDxUD5aNw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 15 Oct 2021 15:12:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 37ms
9ms Image
image/gif 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&time=1634310722582&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.haibunda.com%2F&random_number=11089095345&sess_cookie=c0cc3bba17c84829416b7d5e34b&sess_cookie_flag=1&user_cookie=c0cc3bba17c84829416b7d5e34b&user_cookie_flag=1&dynamic=true&domain=haibunda.com&account=iSYNs1rcy520uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 05:06:47 GMT
Via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 36315
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA60-P3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: zhLmxMtKnX83Gbd8TmtJH6062QI52KuYNTRBUvApx-dJ1K0xwo00vw==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 627ms
166ms Image
text/plain 54.148.74.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.74.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-74-183.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
server: Server

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 16ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1766909678&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&ul=en-us&de=UTF-8&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=512602760&gjid=1894911213&cid=1171546119.1634310723&tid=UA-891770-244&_gid=369648495.1634310723&_r=1&gtm=2wgad0WGBMBG8&cd1=47&cd6=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&cd16=wp&cd17=desktop&cd19=1.799&cd48=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&z=1049889227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-891770-244&cid=1171546119.1634310723&jid=512602760&gjid=1894911213&_gid=369648495.1634310723&_u=YADAAUAAAAAAAC~&z=2100471334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Oct 2021 15:12:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 57ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-891770-244&cid=1171546119.1634310723&jid=512602760&_u=YADAAUAAAAAAAC~&z=1398126013

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-891770-244&cid=1171546119.1634310723&jid=512602760&_u=YADAAUAAAAAAAC~&z=1398126013

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUNaaVvv8bRyDsQ3CV5jVLYR-mlVqr8Vz86D5qcDk_-Rx-bPGKdHhTotrLmIYSzgUNhJmvkIp2iPZmLoi4Gatg= Show response
fundingchoicesmessages.google.com/el/ 0
364 B 24ms
23ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aqGnDyyhNkh/V8F9BWE0mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aqGnDyyhNkh/V8F9BWE0mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-aqGnDyyhNkh/V8F9BWE0mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aqGnDyyhNkh/V8F9BWE0mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 45ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 44ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
257 B 51ms
50ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=4443021029315398&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cballon_ads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634310722&dt=1634310722745&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3381077581&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2110&msz=1600x0&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

fcd1f72b518acb623ff3ec4d96baae7e8c32ee68d45a9f198e1c054f1e1468c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 222ms
221ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=4443021029315398&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cbottomframe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634310722&dt=1634310722748&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=528661791&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

988273bd97fdc73e5cd6519a6225d4bb129e10484b65cfbd23388b150a9ce46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9380
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 402ms
401ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=4443021029315398&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&prev_scp=pos%3Dbillboard&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634310722&dt=1634310722749&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=221&adks=3438090239&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

124017361ed67d5b1147382fbf5b09de152ecd217bb1626fea96c384640eb2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8854
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 752ms
752ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=4443021029315398&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634310722&dt=1634310722750&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=675&adks=2630211830&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d8ecff3ac07eba5a37def47444f611be657e5a2b1fbc2a0a8c81934e8b859c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
19 KB 587ms
587ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=4443021029315398&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1634310722&dt=1634310722752&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=960&adks=2451876870&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad71be8ffbed2d121467ef9331648a8558e56998f133292caf8aac872c6ea72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19849
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA04 6 KB
4 KB 65ms
26ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 15:12:02 GMT
expires: Sat, 15 Oct 2022 15:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST /
kayumanis.detik.com/api/validation/ 0
0

GET
H2 200 impl.20211014-5_b2-PR-39602-DEV-98324-video-module-for-stories1-ebf744b9a2c-SNAPSHOT.js Show response
cdn.taboola.com/libtrc/ 594 KB
121 KB 18ms
17ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211014-5_b2-PR-39602-DEV-98324-video-module-for-stories1-ebf744b9a2c-SNAPSHOT.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: adca85fd7dc2eb5a22f1120e931a46d26a4e526ad2c5f25e2301343db62d873d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: j6dZwhYAEooZ759_2SVFse4jeribZtfz
content-encoding: br
etag: "1ffc149dae93b175778c9f2a123fa48a"
age: 20909
x-cache: HIT
content-length: 123802
x-amz-id-2: monVanvzBqcF+/p6/WA+fFRDjWBku7f5GKxkB/7648r7jR4spaOcuZOClgETrSoS9Bm4/d3x4ZY=
x-served-by: cache-fra19126-FRA
last-modified: Thu, 14 Oct 2021 17:18:14 GMT
server: AmazonS3-br
x-timer: S1634310720.141381,VS0,VE0
date: Fri, 15 Oct 2021 15:12:00 GMT
vary: Accept-Encoding
x-amz-request-id: NMYSF4KZGHTF26XG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 1521

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
75 B 18ms
18ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=video-module-for-stories_var
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634310720.141448,VS0,VE0
x-served-by: cache-fra19126-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 25ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634310722949&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634310722948.1623296331&it=1634310722581&coo=false&exp=p0&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 25ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1634310722954&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634310722948.1623296331&it=1634310722581&coo=false&exp=p0&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H2 200 container.html Show response
a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CE8 6 KB
3 KB 310ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 15:12:02 GMT
expires: Sat, 15 Oct 2022 15:12:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E279 6 KB
3 KB 143ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 15:12:02 GMT
expires: Sat, 15 Oct 2022 15:12:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 newAdfoxConfig. Show response
fundingchoicesmessages.google.com/f/AGSKWxW7LilM0F5s8Ji6Gn47msdETeaezJYjubwNaBXSxPGE6FvfLscrpUuemt_XSMdK7UMW1r0O_Y_EU5PhCF_kdIm4yiKAXvP3M5VKruycoJvgMb-JjHpVqA8ClplUKr3k74BoxeDehnIxjUgGA3U1EEzQ1WQUt... 54 B
642 B 23ms
23ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7LilM0F5s8Ji6Gn47msdETeaezJYjubwNaBXSxPGE6FvfLscrpUuemt_XSMdK7UMW1r0O_Y_EU5PhCF_kdIm4yiKAXvP3M5VKruycoJvgMb-JjHpVqA8ClplUKr3k74BoxeDehnIxjUgGA3U1EEzQ1WQUtC3AstXSJo0AFWZOHguRwyWk0P7Y8tgOMIzoMdq4BuWnj1GGKJvqMmLug5z006V1y4VlktwJWZlpmZAkCoc=/_/ad-sprite./adjug.-advertising/vast//adfrequencycapping./newAdfoxConfig.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e873d8ce31311b2b1606bd9a7960e2ce0e57b0c5f68bdfb0cd7215f540c4482e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJ+iP6XpA1a+T6g8Pn8U0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cJ+iP6XpA1a+T6g8Pn8U0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-cJ+iP6XpA1a+T6g8Pn8U0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cJ+iP6XpA1a+T6g8Pn8U0Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
595 B 34ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 04:33:28 GMT

POST
H2 204 AGSKWxWDYHNRUj8wNAGz1jNbE90WdBQgfJGWHtEWya-MLfwN5MZoBcHtDsxkKd5h0j1CfBcRuDqeY26GPDheqfTjTNtWVz__vMNEDtOlge_T6Lhe3lNajO6HoOzEbyd5YOoRG7l7Mn2LvRp33NSgpzFyq_Tu3DLFUgndYdEYHODnRHsyvldGF4LcKnQWt8XR Show response
fundingchoicesmessages.google.com/el/ 0
363 B 25ms
24ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWDYHNRUj8wNAGz1jNbE90WdBQgfJGWHtEWya-MLfwN5MZoBcHtDsxkKd5h0j1CfBcRuDqeY26GPDheqfTjTNtWVz__vMNEDtOlge_T6Lhe3lNajO6HoOzEbyd5YOoRG7l7Mn2LvRp33NSgpzFyq_Tu3DLFUgndYdEYHODnRHsyvldGF4LcKnQWt8XR

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WUK7aPBnReOFhnoWXG3NjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WUK7aPBnReOFhnoWXG3NjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WUK7aPBnReOFhnoWXG3NjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WUK7aPBnReOFhnoWXG3NjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWDYHNRUj8wNAGz1jNbE90WdBQgfJGWHtEWya-MLfwN5MZoBcHtDsxkKd5h0j1CfBcRuDqeY26GPDheqfTjTNtWVz__vMNEDtOlge_T6Lhe3lNajO6HoOzEbyd5YOoRG7l7Mn2LvRp33NSgpzFyq_Tu3DLFUgndYdEYHODnRHsyvldGF4LcKnQWt8XR Show response
fundingchoicesmessages.google.com/el/ 0
363 B 33ms
33ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kGfgSaHagE4B+A7Qnfp8Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kGfgSaHagE4B+A7Qnfp8Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-kGfgSaHagE4B+A7Qnfp8Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kGfgSaHagE4B+A7Qnfp8Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWDYHNRUj8wNAGz1jNbE90WdBQgfJGWHtEWya-MLfwN5MZoBcHtDsxkKd5h0j1CfBcRuDqeY26GPDheqfTjTNtWVz__vMNEDtOlge_T6Lhe3lNajO6HoOzEbyd5YOoRG7l7Mn2LvRp33NSgpzFyq_Tu3DLFUgndYdEYHODnRHsyvldGF4LcKnQWt8XR Show response
fundingchoicesmessages.google.com/el/ 0
531 B 59ms
59ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DvmuFAx7T7W7iyR8UDKoEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DvmuFAx7T7W7iyR8UDKoEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-DvmuFAx7T7W7iyR8UDKoEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DvmuFAx7T7W7iyR8UDKoEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXp7uv9n6xP4FuTGM62QMTa_FiIx5502b6ECLSunkc9urn0TrH76FnLaWTxOnSC_XSjnXUvvFbzrQ7Cj9Dpteef2MLPNUCI_DeX87f30wbNmnkY65fuFJfPfRT-cEIVCvjW0u54yJNhZWUc18EhQhOTnNMhcTKvb1zjDiPJj3NnEhkjuwXJR4lujjUs Show response
fundingchoicesmessages.google.com/f/ 42 KB
16 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXp7uv9n6xP4FuTGM62QMTa_FiIx5502b6ECLSunkc9urn0TrH76FnLaWTxOnSC_XSjnXUvvFbzrQ7Cj9Dpteef2MLPNUCI_DeX87f30wbNmnkY65fuFJfPfRT-cEIVCvjW0u54yJNhZWUc18EhQhOTnNMhcTKvb1zjDiPJj3NnEhkjuwXJR4lujjUs?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MzEwNzIzLDI0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80e7f2beeedba5ae1a4c4d58e4b91da3cc034766af2011dc9d4c17cdfda424c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hXrhjFoNAkF2BUDrOEsocw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hXrhjFoNAkF2BUDrOEsocw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-hXrhjFoNAkF2BUDrOEsocw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hXrhjFoNAkF2BUDrOEsocw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWDYHNRUj8wNAGz1jNbE90WdBQgfJGWHtEWya-MLfwN5MZoBcHtDsxkKd5h0j1CfBcRuDqeY26GPDheqfTjTNtWVz__vMNEDtOlge_T6Lhe3lNajO6HoOzEbyd5YOoRG7l7Mn2LvRp33NSgpzFyq_Tu3DLFUgndYdEYHODnRHsyvldGF4LcKnQWt8XR Show response
fundingchoicesmessages.google.com/el/ 0
361 B 62ms
62ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.mdPmZhaM1p4.es5.O/d=1/rs=AJlcJMwIGUhmNjrLMzGUiEPwx83XKCFptw/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EL2a3104/D5nlY2ZuizbIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EL2a3104/D5nlY2ZuizbIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-EL2a3104/D5nlY2ZuizbIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EL2a3104/D5nlY2ZuizbIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVmxVWkXS9KlP5iqzWkJ-N1hh12jfGZ09K5uBsvRKI_E9Ds_Xkn7_d76AehP51ACPkN-GF_qFVlnoPVhakugVppmYIgcLwYAQsoSoH93BPwJ4-BGgQj_2kquMH9C6P-pDMW196xoxiglgokWRX0i3CGIGngBivBXUKM0w4w3puUQOWjThC2QA23_OHJ Show response
fundingchoicesmessages.google.com/el/ 0
362 B 89ms
89ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmxVWkXS9KlP5iqzWkJ-N1hh12jfGZ09K5uBsvRKI_E9Ds_Xkn7_d76AehP51ACPkN-GF_qFVlnoPVhakugVppmYIgcLwYAQsoSoH93BPwJ4-BGgQj_2kquMH9C6P-pDMW196xoxiglgokWRX0i3CGIGngBivBXUKM0w4w3puUQOWjThC2QA23_OHJ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.KYXuLLvT_bk.es5.O/d=1/rs=AJlcJMyCGyJJhyeSqlGOKkzppHcX-jSKFA/m=cookie_refresh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uH9/O/oortVSKxkwI66oHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uH9/O/oortVSKxkwI66oHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uH9/O/oortVSKxkwI66oHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uH9/O/oortVSKxkwI66oHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVmxVWkXS9KlP5iqzWkJ-N1hh12jfGZ09K5uBsvRKI_E9Ds_Xkn7_d76AehP51ACPkN-GF_qFVlnoPVhakugVppmYIgcLwYAQsoSoH93BPwJ4-BGgQj_2kquMH9C6P-pDMW196xoxiglgokWRX0i3CGIGngBivBXUKM0w4w3puUQOWjThC2QA23_OHJ Show response
fundingchoicesmessages.google.com/el/ 0
362 B 68ms
68ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YiFx/t188TRlF+zi276yjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YiFx/t188TRlF+zi276yjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-YiFx/t188TRlF+zi276yjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YiFx/t188TRlF+zi276yjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C03D 624 B
504 B 23ms
22ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlLVLW7H1vJ8ZhVXpAfFDKUrCR3I5VQus9-j61EIwZPan6abchsrG7BNLZXHz4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 15 Oct 2021 15:12:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3CE8 79 KB
29 KB 44ms
44ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuvHMZvDXnxF9l3QSI8weunOAgtKpOmzVuMuM2XPs_bT3RjxSDVPQtyyYq86WxhmXw5EnMildjTa6xj11ZqU7ivSzg0ylL1DF0LUn16iS_Cho-msVSROIH_1uPFknOscHBd9AF3OfvYAkk_TIYjLYD0iAQsA&dbm_d=AKAmf-CN4LojxzGoc23YqKMfTucxuJEzJUyyxt90CKQ1eouOGvi_dandCJ2iHz3Cosxq3DI4tUlTjul76unzzUyUTzU77GdptQZfMPkOtJygU6jBt1q0xPPIYpJ_PzJ0-pv3dv-LTKMUpBTU062RxtA8x0HBupdG-87_Ady-Jb_4KQJdwu4MTRAl1Pv4HwVH5_pOx4IFC7nSXpHJ4TwM4pVMmuou6qkkef9QdVlvPqcJiq1cMZVHUF0PLZ2wR9tMUe0RXjOBvwJvMYJeMZzU6xiHk8IgedCHVqmXxdQ6p2Cl2tJzjnOYwjTk_NzYGiAYUEgFSW-iYar0--KuIVobrXjnvRnbppkVt9U_cUEFJHaNrgI_cmwbrzvQbeNTXpuosWruOzFo3f2CuVUFkdGdQ1q5VQOxXtOzhV-6g_V5T3US40Nz2lwa3YJThKFTg9Nq6rZaUkB5UpSPKUHAU3JiHeKEWwk3A-7wTcIJTjNkCNeRyWNpenmozyqUaj3lAiFss4RZGRIefUAeRVsHxLcLINDiZ8DUu4MBx_AZXxu_5wwH3LFnWCvG8LPFF9bSWKm2xXTZ8GWjUeS1E4R0ckXbVhCXzL8QFYAv2dKWKytBuJcETaN7QwSEast871iIIB-ZCQ5XPQO8r4lU4v4AgteiOwzICg6SSfDmIG8zEb00T0woTNQMpbd0XDBoDAKwb6ekc6Tl7CCfOn2rWTNDDHaNqJ10pCscITQyfzvTLodm9VMEQbr19-QHnlIBe9iRFn42feCOf-ONMu6vvlf9Jq_4VFO9FKCHhTicSuV0bwWY3IsswfrJ293q41QwZVCBu5WmtbYCx6KPKQcvy6Yz-FhWAd6EnidztUmXIFzjXSE0dlPGWHmc5dSJHtumlXI6vrfjSvVa6IIz9Lu5l3ouNiUc3wBldpgdt5PbJWHCMBti8zYrs4NMZfaRqAiXd7kE5wcMww1sOhSL2YpznAcWbwStQfV3GP9V6ddPPFyBjPhlKNSQnVZrMog-HunHxpdSkSR6u7w6tXb7j2K6gROitk10qvmEhz2Q1-FF2C3ZyqmQbFPOPMwjIPX9XwBudou3uQ0-AirU6k_u2o0FfEjaiMaxA4jBgKQwo8rVooZSGTCEQwLNnQjJMLZ59qGUfzMQsG87pLoPOL7qqxwAnGommiMYTW8oxgc1nSQdRLe3Gus_2hXEBZrGCJPLvBdNxtjUPuFE9s7_Ag13B-KUzsidqvymYDlIACNIUiHOwYUINTQY9FJElqzXIQgLmgZFlkTkxnausHUdAssTHRmzCxCJbIqgBvfEP--GohhtrRrRa2Js9oIio_jBMyzsGhGLbNJCNYWWSmoDrWu_rs_6pVJLoJEGWwSmlLJAghfCdGDIyeP24Xj3Q2F9AUtw3Xtxut-B9cw573m_HRd3II5wwzlqzUzGyLPEtBbuEPR48LBcyAXnJ5eQI7yDLJSfWtzucLaUp1wpE551W6PdHAlurwfh3fjLKl17QUZ2Rlim1lIbWizqwCge_ri1KYaAHM01FNIWp0arSPJHptsoXuIbOfejZLQDEOmVr-VyCJBl8UqkPANABZ7D99D8Vl6MmVZs_bPPzo1f5AK_ucdliPlCa1DxauJ8lBQ5dpmKxVnFjQLeAfm1k4T3zbA6WFUx3QyKKfxv9hLvltP2IcXt1Fpjb6y-1AgvFFiBuf16n7tet1Kt5HVQv5bSCbkKgpzYdn1IP6TxscEj-Snu2mq2xPWlh5n6D-vcSenwPdTZC6p1ABajn6Q4-Wlz6ROxKOZwc-eaxd26qid2gOw_HG2LSoDYTqktLCjnyWOncNPOTz4HzTes92_X0kN787TiGu0REabdgpAAu5Bojc2VFjV2Ed7QY9DoZTS8jVI2l2CZw3WiExaMU5Af_hTyrWFkddrPMlJ-PQo8FHZmHUfP9kVCoUDT1QbAEFsCPtgO93v6hu6tHMNxxXHzOGUANtYBtceRmEbE2qvw-MtDyomZUCsdo8dgvqlj25_J33CCYfvdUP_hVg4fgfntQn90bZWtEjDw03gMrYdW5PovOohtV_gJv7FStA73_aeijgD_77c123oLe9gk4L8WVDZOmwdUnnF12YD9rFxWSVgXk-Q-kLXpa0gQJkg5aFcpv9DIf4c-NTlHe2N6TQh8fDGPvmhrpuGbE4Erj8GH9iZCGaAZFARo3Pii-gvMMrEQ-oVlSr5NDQPDon3osAGmXvUTqy5sQV8pu0cuqPbW7PegwpdSOV6OyhsLY2h5vsvwJ7yXTsPT9bQGYtvdhLnSdDr-dpnsUvUb58mImYa_3wIh5364JARfpRGdvEzGK8GUrLnDKMRy_fUknH_URrmuPRJv7Ekj3_XKN5gZFWwDS_BmPb0DwlrJtjzH5qKT9GAroVddfNoHOqYu7TjJFWqvaf5H7Cqyso3h9n1lUAHf-LboUpg8v0OdJJ5A_VDHPGyid4Gpfqh0NYJcwbYq4YxOWm4gIqUAhwjZ5wr48AK98Ne-NCsT8Zve5W3SbpIehWtpQAyyjst23vfva06CzJtU3EDi7bDRPZghamGEdDtL0PknXF4TwKz589osMGVVDtJ6ynnY8c85iLnelwPzXbCMVdVN63eRYqit_VD3PcMaD8_rD8i_O8NvveeMMpDZ7EvAHGKEO4J4Im3SyQHG0NBbifvhJon0CVB1a5pmZFDJa-d-WaFLSod9rYvr6Caozrtzis_p73QDnt9eO9pkQaXhYiV8_iAi4o8OImReN5AOW_5Hwfd-45XXT6ETp2JSqFSxN2nvz3hxh-sh285MoU0v1mgMlJvmgO9dkkZ0ws4vQwnzUnYcEZrt-mWn34XGe7quIZdNOtT5f-ewSasKqTTBxZZbYpQ-vjThhZcJ8KgxvfcuZDc9FJ9ob7xoU2HLNk7ZnFznObtlHxm6zaVxPo8GAr2rkXIpV5Hz4g-OESWQxCxdeuGKVH5-xbBmbs_0gJpdUe-MTux6qxJmYRNzhi3nOAsro969_VA6QaZdpyx3XXmmA7W8fulaHUrXe6qUu6NRAerRGGidnaW0FCcJg9lkUFZkrtmbCbdIySM2X5d_r-WuZNdRT3I-OTKeHjXwZF1brUVaLGscIerR3GkthN_ZPTNh4sCn1GaG5qV9YARH-gi6rtiHWEdzKpSwVDFf1X3VIGczEGF-c-YfUrt_kkAUDEW5vGaN38lxJlK0i9jvLG1A_6kWVbMRvsJXJqg_yzz0p5NqBgBo0TbJR04ne4z_eaf5OAocZoqRTtacKT0yT0zUnuX3ezgbX3uO&cid=CAASEuRoKN4NPy2kSWn3HrntV_Yk2Q&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7acd4df7eb73b971b6bae57cbfd5a4521618b0434de11cd049372461c61a2037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29759
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CE8 42 B
173 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-JbwfOTUKqj92GFJL6hDFZUvmWwOQXx1ytcJn-Tc4GY-xxgzwAp28sKYpYaZ-D6nAV8SX7O2J3UH8QsS5RgOFcyadOh126dlWx2H2BHae1NM8YCY

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3CE8 3 KB
1 KB 38ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 14:43:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CE8 123 KB
37 KB 64ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 15:12:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3CE8 14 KB
7 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:04:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 33DF 624 B
340 B 20ms
20ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlLVLW7H1vJ8ZhVXpAfFDKUrCR3I5VQus9-j61EIwZPan6abchsrG7BNLZXHz4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 15 Oct 2021 15:12:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E279 71 KB
28 KB 52ms
52ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASO7ZkhpXgmxq2393USxiRmpAgMhl1QUzo3EQAKpJeEJP2CHDhUxoqoXdCOClJY0_ntgVJ_dvAlNrkwK9XXBULukeWczqB0zhE5Ai-yvXDow9P3ArJjEZD4fQLWWpXIaYjAJhSc4_i6y6gNaSITsiy-b7kVg&dbm_d=AKAmf-BEzqWQTs4AIg8NnUlL8_IrPLFlJFVIsmK48W3VpLqwbTJMtSccH1yIvh32lSx8q71tZ6DYYVX16gfOfiDkI0ZOi2Xht3gboA7qntkk95sqyVAkWIaedwRNDe5DcIbpwWNuBk1hYTulcrCWYY3WXhr0cxNpHZksCRK0o_1Nr_4CP7wMRCbwNjy_DBy1atrrfuPau3Z7fnnVFO9bM36Ie346lijdGJB4veZBx8_lBJZgZUEOMJUhQ1NgK6-DLPNkznFqNYFhJImQCVYQgf_rJanNsebrXgcb-vMcuOpqvsubPCD_wwX27srP6hiVukE7kRoCA8hSsp0zr2s5m6X7UFxk-f_XHkPAcdnCQvaLy5Io9VheJcj7gycRYqFupChU5g3GlAKW-HBkiw4aSUwC8ixJjGnUsSS2RVrCUnRscA1UgdRg0LI7-xIrDInUK6J9ugyxDg9pEOD-OqOWIuCc1o7MIrTEPsIqhoO7MGtsmDThWp6QirTTn2ZhaZiEXxvuDeAkJCH2bF-N2LsoeXQRJYRiSIxwOGCRbN7NEKg2LllluvQYnUQUqN8q5EZ3hpDsanfiT8ZD0jAY8cAPQ_ImrjuPbIbXhUJHxwBBJlF3ExLkCyskEZ4XbfFTsNHwbVRExaLUc2krheYHK32jocvKKhWgMjT9m2Bh7D-Y9pQHFpPuXNSUV_FyzxhNah_YSiek56LJf1KiaYz0vtXQ4tWX1F8uQQXvIxRQyWi1AqJZhPfnWqPz8GXQES4f-sVF8L1ucX4A-gdhSu0G70NkhtJVYoqQxy8wRLL_jg0rMO9NSgX6701DhJeyNnJ_awlSBVC7fPtARrhsq6DhbHfGcpc-d07zIWTK0D5X16NaIVW6obIQ_8rI2dryhlIa7Wbs1XU9lDCyMsBra9aetZNGfLLYmkh1A6bu4W263SRPo5ad-x5JSAdcAEUu3CqHF39QDYIL7lZuJ2ALbnuRmH668BOMYiBKBvJ1oSXMEvZf4sZdkJEzu-ijwS7eqHloevfuKCjeurW481j9DoIiepHnK3cKisVpAd_e2zRdMNMmobloOpjGA15CVRwSAE36P1K8FTjIP6GzwkNcsC4-izIlR1qcCdKVPu2XFu9kq3qPEXsMZz7lLFcY669-B9a3ihybg7bY4fQ3S7zE5ac4zyP3S2loHWHWNCw3JzMpu9mq3I0Fx09s9qhZ6MWuInwmm5-qKiBvnfF_w9UPCKfMzz9-iFaGoq1m8C0ddKR1Q3wssRQKi0MrtpHRuTKN2AuyE1O_oPi6bMuPdEBHQDt0pz81BruDvOE9WLWWFI4TQ3Q42QgNEujWv-usHgSXRR1Ir28KLrlHZXsJ-jrFM6N9xcJywn10oOe2EEG9WFDXxSEjBqjNdM2TjYcAFZYGMJLpHrCJtpzavd8kvN1bWg1-OLo8z1QNR0OO77sjqLOBe2x-Dwd1D6e6NRWFo284f_3wKWD5DmfH3bKi_ZUeapZKKLJ_DAz47ioibx4lea0LF_sCyez0kle1Fv-XRZRWpebYh9uHk0aWEaAgf8Y7dRg6VElgXcGeJamzXDx_ttq28hFTdzPxOpUbwe1nkmgZeOKGIWD9VsmU10Vx_tD2WdCESz_a3_gd9GzWM5ajQVGrYifHgXzCZ_mmEwx02TUOx2Vw8gDbBoU__sLgYPUoicRtILaE0eT0zKGjZ1l-W-nohhXQ64TT879G9A5kzLPqU4vLatu_8Go1BzDNyUYHgEGM3yOSDND1aU_41m5PYzdZbE7kB-PLS6BY_IRYzbvm4Xo4pE-J-oJ4XtVXYbMlwiy_N0N--T_m4gz8U8bfM7RX6kbTuHZGcjTc0xIIshINI3dzPbplW1iCOVI3_klhPg9mypkJb22E85nKBWhuGTju8_JQ0rH2tddKNTaVJVBjWrjFXrMkLXOrJqbAxrsqhg_4Cqqb6fiyb8eeX3yUJETwvc0ndnmHe_E3iMpxNj00-YzsCXSHoR031DPutJv2r0wQGve5ioLRUheBSG_cZUdFXmMM9enlnNHC9rGlE7m7oiYO5hW-UypiW2xRb3Ov0GwqGokERuTasJknxhFatZynJokga2Iaw-T0ERMoieUsLaBvZlYMznR-JYd5xSIlgy2n5QWWIo49AW1vXvDMZILoXEmNgaeVmgfSl_hvBnQRQJnJs9b56XCGbsWu8CQ9YjQtgAqCQpAyowfIdHv9iYH8VRrdZQYr25dV6hsuqjlEgN0mgPJBZLOeirWQ9eZLNwuY9wWoMarrgwPRT3sspmH9mIdILe-4mXW88cZPVogZowKu_nPw0Vj6O-yV7dIFuJiZriZyHtP21zGiX8iyl77CkjTIpwLfVm9dFNHwt_r53G8BK301pY17sdFhJ77KSbWYuGT_dI3EYRpb7mlAn_zYGoHrd9EmxAMgNF_C0fCM1gWuswGQRD-H3jMKRw-Szt4Cn5A_F4O9DtSh5PwTm6DaUuHzW-yeEpBz9T_JMZUQflqfKo9Ax-HFtSHD2_QoxSHG-UgPyM-Xc_7GGWpI1JxVVMHe2HN7wGzNj7e2lgZGRYate6r8Hvui9m6fMfSCAeIQlpgHOMMSYWGffTbmsZNEeIEVBj6GoEcDFuh0o0jBgM0tf8VB6_bS7bGinu7R_ucVg6fkrCHzBX788Ev36gjFMomq1Dth1paBUUrulD7tbNiCWgwnEqZhWTcAQgmn_llS0Mo4QheTFU-5TCi7LpVOAwSCXV0T7LTxDmTHlcThv_0NhYUP4c3vuO5R4lvMHx8hneF5vhv7JXcFhQRcRL5erIvmZa7LNyJaYOLTPoEtM_5HEfJFC1Vq2-xrTKCf4cNZTW9LPD7oj-IbOoy4P7jKQ0O-yS_wmD08kuPxV326lqpDWXk9AwIZ9cbaY6-EkB_Al5PWid7S3tiL17wAnyzpTMg3uRtq-N0Zc0WaVZiC3xCrjta1jpm0EDTn5XfG&cid=CAASEuRokbPvWMlElKHPtGQmJ_ZWmg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1cf1d72365bef7e9729783b8f5623427c2f6c231989900f30f46da593eaf3690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E279 42 B
107 B 41ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZQ9uhPov2XPSBnULvA32xot3PJd_Wn8gLPTRdc8JoBndigTe_pdbSbwP3vMEpsYvtBGhh5rfPGgg8evQFGPWy4g54XMCfszM6aYDBAGMlXiJ5_-I

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame E279 3 KB
1 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 14:43:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E279 123 KB
38 KB 55ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 15:12:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame E279 14 KB
6 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:04:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E279 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs4dViuR5Kvz5Jo03HQRhMQBsxzmzLkUBkyQ4uUE4B5pz_SJMKQX9YJ37s3MqKcU0bnwrEpU03jY8DeijdNusXr6xe7g
Requested by: Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 container.html Show response
a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E3C 6 KB
3 KB 10ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 15:12:02 GMT
expires: Sat, 15 Oct 2022 15:12:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C03D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1

43 B
1014 B

21ms
21ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 15 Oct 2021 15:12:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C03D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

43 B
894 B

17ms
17ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C03D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY9JnKtwEwAQ&v=APEucNUBXnpp_4Ogx865hi8qlA8s0TKB-tm2cLAhgv33RL2ukEUmv7SEmY00jDnUzTjhehSfXtkJD_HQmDIAFH-WzURhQ92qowpXK_CMclb2sAj2fA2I0eBs7Tn2O5rbuJSt6snXx7mrI_xBj9OpqpfDAbQLiCfyI1Dw0XKTuo7jnl-_WsaT3Rc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d1382875-b486-46f4-9597-3fb6660c11e2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dcdc5d2d-8cae-4db0-8198-a277ccd62f58
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7c478bfd-7670-42c4-95aa-106394b856f8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 33DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1

43 B
894 B

18ms
18ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 15 Oct 2021 15:12:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 33DF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

43 B
894 B

24ms
24ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 33DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

43 B
1 KB

31ms
31ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELCX968CGLSh5LYBMAE&v=APEucNVhMXA9Qa8dLy2C5reJs2QoalVD-SSpxem4laZEVZlyWXgwDVHRrINUdhm1-6yKmeBhsjRrvpmdEF_hVmUfWsVTckUoI86YXBeVd4wSCqncAadEJPA0WMmwS3i2D6HMe3NlNk69q_qHv-Kv8Rz2urz8CGlyAgKUOwhrpzKapj-fDVM6aS8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 87b487f8-835b-40ce-998e-a72631a54a22
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e5c071a3-2f5a-44dc-bdd6-c031d00b9121
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAFBv6UHhrlNHXT-nl34K_Q%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 33DF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c2bd9956-c5ed-4b99-9916-d39cd9447849
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 4E3C 18 KB
8 KB 314ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:01:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4E3C 8 KB
1 KB 292ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 14:51:33 GMT
server: ESF
date: Fri, 15 Oct 2021 15:12:03 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 15 Oct 2021 15:12:03 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/ Frame 4E3C 14 KB
3 KB 35ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.css

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 10:39:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Tue, 11 Oct 2022 18:33:21 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/ Frame 4E3C 352 KB
122 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af2a8ce32fd1a1765ee52d154940f56c2388ff1927226dc71570584202d8e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125117
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 10:39:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Tue, 11 Oct 2022 12:52:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 4E3C 14 KB
6 KB 315ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:04:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4E3C 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHv-X-NT3Xhh8-mw5O5jHlnp6123GDGI3w5Xhl4_gIo_ZlKoME0MCPFiBOnaMI1SDXM0ETdZFxmNTUpDRqP4eWcLIa4Q
Requested by: Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 3CE8 169 KB
59 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 13:24:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 3CE8 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuvHMZvDXnxF9l3QSI8weunOAgtKpOmzVuMuM2XPs_bT3RjxSDVPQtyyYq86WxhmXw5EnMildjTa6xj11ZqU7ivSzg0ylL1DF0LUn16iS_Cho-msVSROIH_1uPFknOscHBd9AF3OfvYAkk_TIYjLYD0iAQsA&dbm_d=AKAmf-CN4LojxzGoc23YqKMfTucxuJEzJUyyxt90CKQ1eouOGvi_dandCJ2iHz3Cosxq3DI4tUlTjul76unzzUyUTzU77GdptQZfMPkOtJygU6jBt1q0xPPIYpJ_PzJ0-pv3dv-LTKMUpBTU062RxtA8x0HBupdG-87_Ady-Jb_4KQJdwu4MTRAl1Pv4HwVH5_pOx4IFC7nSXpHJ4TwM4pVMmuou6qkkef9QdVlvPqcJiq1cMZVHUF0PLZ2wR9tMUe0RXjOBvwJvMYJeMZzU6xiHk8IgedCHVqmXxdQ6p2Cl2tJzjnOYwjTk_NzYGiAYUEgFSW-iYar0--KuIVobrXjnvRnbppkVt9U_cUEFJHaNrgI_cmwbrzvQbeNTXpuosWruOzFo3f2CuVUFkdGdQ1q5VQOxXtOzhV-6g_V5T3US40Nz2lwa3YJThKFTg9Nq6rZaUkB5UpSPKUHAU3JiHeKEWwk3A-7wTcIJTjNkCNeRyWNpenmozyqUaj3lAiFss4RZGRIefUAeRVsHxLcLINDiZ8DUu4MBx_AZXxu_5wwH3LFnWCvG8LPFF9bSWKm2xXTZ8GWjUeS1E4R0ckXbVhCXzL8QFYAv2dKWKytBuJcETaN7QwSEast871iIIB-ZCQ5XPQO8r4lU4v4AgteiOwzICg6SSfDmIG8zEb00T0woTNQMpbd0XDBoDAKwb6ekc6Tl7CCfOn2rWTNDDHaNqJ10pCscITQyfzvTLodm9VMEQbr19-QHnlIBe9iRFn42feCOf-ONMu6vvlf9Jq_4VFO9FKCHhTicSuV0bwWY3IsswfrJ293q41QwZVCBu5WmtbYCx6KPKQcvy6Yz-FhWAd6EnidztUmXIFzjXSE0dlPGWHmc5dSJHtumlXI6vrfjSvVa6IIz9Lu5l3ouNiUc3wBldpgdt5PbJWHCMBti8zYrs4NMZfaRqAiXd7kE5wcMww1sOhSL2YpznAcWbwStQfV3GP9V6ddPPFyBjPhlKNSQnVZrMog-HunHxpdSkSR6u7w6tXb7j2K6gROitk10qvmEhz2Q1-FF2C3ZyqmQbFPOPMwjIPX9XwBudou3uQ0-AirU6k_u2o0FfEjaiMaxA4jBgKQwo8rVooZSGTCEQwLNnQjJMLZ59qGUfzMQsG87pLoPOL7qqxwAnGommiMYTW8oxgc1nSQdRLe3Gus_2hXEBZrGCJPLvBdNxtjUPuFE9s7_Ag13B-KUzsidqvymYDlIACNIUiHOwYUINTQY9FJElqzXIQgLmgZFlkTkxnausHUdAssTHRmzCxCJbIqgBvfEP--GohhtrRrRa2Js9oIio_jBMyzsGhGLbNJCNYWWSmoDrWu_rs_6pVJLoJEGWwSmlLJAghfCdGDIyeP24Xj3Q2F9AUtw3Xtxut-B9cw573m_HRd3II5wwzlqzUzGyLPEtBbuEPR48LBcyAXnJ5eQI7yDLJSfWtzucLaUp1wpE551W6PdHAlurwfh3fjLKl17QUZ2Rlim1lIbWizqwCge_ri1KYaAHM01FNIWp0arSPJHptsoXuIbOfejZLQDEOmVr-VyCJBl8UqkPANABZ7D99D8Vl6MmVZs_bPPzo1f5AK_ucdliPlCa1DxauJ8lBQ5dpmKxVnFjQLeAfm1k4T3zbA6WFUx3QyKKfxv9hLvltP2IcXt1Fpjb6y-1AgvFFiBuf16n7tet1Kt5HVQv5bSCbkKgpzYdn1IP6TxscEj-Snu2mq2xPWlh5n6D-vcSenwPdTZC6p1ABajn6Q4-Wlz6ROxKOZwc-eaxd26qid2gOw_HG2LSoDYTqktLCjnyWOncNPOTz4HzTes92_X0kN787TiGu0REabdgpAAu5Bojc2VFjV2Ed7QY9DoZTS8jVI2l2CZw3WiExaMU5Af_hTyrWFkddrPMlJ-PQo8FHZmHUfP9kVCoUDT1QbAEFsCPtgO93v6hu6tHMNxxXHzOGUANtYBtceRmEbE2qvw-MtDyomZUCsdo8dgvqlj25_J33CCYfvdUP_hVg4fgfntQn90bZWtEjDw03gMrYdW5PovOohtV_gJv7FStA73_aeijgD_77c123oLe9gk4L8WVDZOmwdUnnF12YD9rFxWSVgXk-Q-kLXpa0gQJkg5aFcpv9DIf4c-NTlHe2N6TQh8fDGPvmhrpuGbE4Erj8GH9iZCGaAZFARo3Pii-gvMMrEQ-oVlSr5NDQPDon3osAGmXvUTqy5sQV8pu0cuqPbW7PegwpdSOV6OyhsLY2h5vsvwJ7yXTsPT9bQGYtvdhLnSdDr-dpnsUvUb58mImYa_3wIh5364JARfpRGdvEzGK8GUrLnDKMRy_fUknH_URrmuPRJv7Ekj3_XKN5gZFWwDS_BmPb0DwlrJtjzH5qKT9GAroVddfNoHOqYu7TjJFWqvaf5H7Cqyso3h9n1lUAHf-LboUpg8v0OdJJ5A_VDHPGyid4Gpfqh0NYJcwbYq4YxOWm4gIqUAhwjZ5wr48AK98Ne-NCsT8Zve5W3SbpIehWtpQAyyjst23vfva06CzJtU3EDi7bDRPZghamGEdDtL0PknXF4TwKz589osMGVVDtJ6ynnY8c85iLnelwPzXbCMVdVN63eRYqit_VD3PcMaD8_rD8i_O8NvveeMMpDZ7EvAHGKEO4J4Im3SyQHG0NBbifvhJon0CVB1a5pmZFDJa-d-WaFLSod9rYvr6Caozrtzis_p73QDnt9eO9pkQaXhYiV8_iAi4o8OImReN5AOW_5Hwfd-45XXT6ETp2JSqFSxN2nvz3hxh-sh285MoU0v1mgMlJvmgO9dkkZ0ws4vQwnzUnYcEZrt-mWn34XGe7quIZdNOtT5f-ewSasKqTTBxZZbYpQ-vjThhZcJ8KgxvfcuZDc9FJ9ob7xoU2HLNk7ZnFznObtlHxm6zaVxPo8GAr2rkXIpV5Hz4g-OESWQxCxdeuGKVH5-xbBmbs_0gJpdUe-MTux6qxJmYRNzhi3nOAsro969_VA6QaZdpyx3XXmmA7W8fulaHUrXe6qUu6NRAerRGGidnaW0FCcJg9lkUFZkrtmbCbdIySM2X5d_r-WuZNdRT3I-OTKeHjXwZF1brUVaLGscIerR3GkthN_ZPTNh4sCn1GaG5qV9YARH-gi6rtiHWEdzKpSwVDFf1X3VIGczEGF-c-YfUrt_kkAUDEW5vGaN38lxJlK0i9jvLG1A_6kWVbMRvsJXJqg_yzz0p5NqBgBo0TbJR04ne4z_eaf5OAocZoqRTtacKT0yT0zUnuX3ezgbX3uO&cid=CAASEuRoKN4NPy2kSWn3HrntV_Yk2Q&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:08:53 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 3CE8 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:07:58 GMT

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame E279 169 KB
59 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 13:24:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame E279 8 KB
3 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASO7ZkhpXgmxq2393USxiRmpAgMhl1QUzo3EQAKpJeEJP2CHDhUxoqoXdCOClJY0_ntgVJ_dvAlNrkwK9XXBULukeWczqB0zhE5Ai-yvXDow9P3ArJjEZD4fQLWWpXIaYjAJhSc4_i6y6gNaSITsiy-b7kVg&dbm_d=AKAmf-BEzqWQTs4AIg8NnUlL8_IrPLFlJFVIsmK48W3VpLqwbTJMtSccH1yIvh32lSx8q71tZ6DYYVX16gfOfiDkI0ZOi2Xht3gboA7qntkk95sqyVAkWIaedwRNDe5DcIbpwWNuBk1hYTulcrCWYY3WXhr0cxNpHZksCRK0o_1Nr_4CP7wMRCbwNjy_DBy1atrrfuPau3Z7fnnVFO9bM36Ie346lijdGJB4veZBx8_lBJZgZUEOMJUhQ1NgK6-DLPNkznFqNYFhJImQCVYQgf_rJanNsebrXgcb-vMcuOpqvsubPCD_wwX27srP6hiVukE7kRoCA8hSsp0zr2s5m6X7UFxk-f_XHkPAcdnCQvaLy5Io9VheJcj7gycRYqFupChU5g3GlAKW-HBkiw4aSUwC8ixJjGnUsSS2RVrCUnRscA1UgdRg0LI7-xIrDInUK6J9ugyxDg9pEOD-OqOWIuCc1o7MIrTEPsIqhoO7MGtsmDThWp6QirTTn2ZhaZiEXxvuDeAkJCH2bF-N2LsoeXQRJYRiSIxwOGCRbN7NEKg2LllluvQYnUQUqN8q5EZ3hpDsanfiT8ZD0jAY8cAPQ_ImrjuPbIbXhUJHxwBBJlF3ExLkCyskEZ4XbfFTsNHwbVRExaLUc2krheYHK32jocvKKhWgMjT9m2Bh7D-Y9pQHFpPuXNSUV_FyzxhNah_YSiek56LJf1KiaYz0vtXQ4tWX1F8uQQXvIxRQyWi1AqJZhPfnWqPz8GXQES4f-sVF8L1ucX4A-gdhSu0G70NkhtJVYoqQxy8wRLL_jg0rMO9NSgX6701DhJeyNnJ_awlSBVC7fPtARrhsq6DhbHfGcpc-d07zIWTK0D5X16NaIVW6obIQ_8rI2dryhlIa7Wbs1XU9lDCyMsBra9aetZNGfLLYmkh1A6bu4W263SRPo5ad-x5JSAdcAEUu3CqHF39QDYIL7lZuJ2ALbnuRmH668BOMYiBKBvJ1oSXMEvZf4sZdkJEzu-ijwS7eqHloevfuKCjeurW481j9DoIiepHnK3cKisVpAd_e2zRdMNMmobloOpjGA15CVRwSAE36P1K8FTjIP6GzwkNcsC4-izIlR1qcCdKVPu2XFu9kq3qPEXsMZz7lLFcY669-B9a3ihybg7bY4fQ3S7zE5ac4zyP3S2loHWHWNCw3JzMpu9mq3I0Fx09s9qhZ6MWuInwmm5-qKiBvnfF_w9UPCKfMzz9-iFaGoq1m8C0ddKR1Q3wssRQKi0MrtpHRuTKN2AuyE1O_oPi6bMuPdEBHQDt0pz81BruDvOE9WLWWFI4TQ3Q42QgNEujWv-usHgSXRR1Ir28KLrlHZXsJ-jrFM6N9xcJywn10oOe2EEG9WFDXxSEjBqjNdM2TjYcAFZYGMJLpHrCJtpzavd8kvN1bWg1-OLo8z1QNR0OO77sjqLOBe2x-Dwd1D6e6NRWFo284f_3wKWD5DmfH3bKi_ZUeapZKKLJ_DAz47ioibx4lea0LF_sCyez0kle1Fv-XRZRWpebYh9uHk0aWEaAgf8Y7dRg6VElgXcGeJamzXDx_ttq28hFTdzPxOpUbwe1nkmgZeOKGIWD9VsmU10Vx_tD2WdCESz_a3_gd9GzWM5ajQVGrYifHgXzCZ_mmEwx02TUOx2Vw8gDbBoU__sLgYPUoicRtILaE0eT0zKGjZ1l-W-nohhXQ64TT879G9A5kzLPqU4vLatu_8Go1BzDNyUYHgEGM3yOSDND1aU_41m5PYzdZbE7kB-PLS6BY_IRYzbvm4Xo4pE-J-oJ4XtVXYbMlwiy_N0N--T_m4gz8U8bfM7RX6kbTuHZGcjTc0xIIshINI3dzPbplW1iCOVI3_klhPg9mypkJb22E85nKBWhuGTju8_JQ0rH2tddKNTaVJVBjWrjFXrMkLXOrJqbAxrsqhg_4Cqqb6fiyb8eeX3yUJETwvc0ndnmHe_E3iMpxNj00-YzsCXSHoR031DPutJv2r0wQGve5ioLRUheBSG_cZUdFXmMM9enlnNHC9rGlE7m7oiYO5hW-UypiW2xRb3Ov0GwqGokERuTasJknxhFatZynJokga2Iaw-T0ERMoieUsLaBvZlYMznR-JYd5xSIlgy2n5QWWIo49AW1vXvDMZILoXEmNgaeVmgfSl_hvBnQRQJnJs9b56XCGbsWu8CQ9YjQtgAqCQpAyowfIdHv9iYH8VRrdZQYr25dV6hsuqjlEgN0mgPJBZLOeirWQ9eZLNwuY9wWoMarrgwPRT3sspmH9mIdILe-4mXW88cZPVogZowKu_nPw0Vj6O-yV7dIFuJiZriZyHtP21zGiX8iyl77CkjTIpwLfVm9dFNHwt_r53G8BK301pY17sdFhJ77KSbWYuGT_dI3EYRpb7mlAn_zYGoHrd9EmxAMgNF_C0fCM1gWuswGQRD-H3jMKRw-Szt4Cn5A_F4O9DtSh5PwTm6DaUuHzW-yeEpBz9T_JMZUQflqfKo9Ax-HFtSHD2_QoxSHG-UgPyM-Xc_7GGWpI1JxVVMHe2HN7wGzNj7e2lgZGRYate6r8Hvui9m6fMfSCAeIQlpgHOMMSYWGffTbmsZNEeIEVBj6GoEcDFuh0o0jBgM0tf8VB6_bS7bGinu7R_ucVg6fkrCHzBX788Ev36gjFMomq1Dth1paBUUrulD7tbNiCWgwnEqZhWTcAQgmn_llS0Mo4QheTFU-5TCi7LpVOAwSCXV0T7LTxDmTHlcThv_0NhYUP4c3vuO5R4lvMHx8hneF5vhv7JXcFhQRcRL5erIvmZa7LNyJaYOLTPoEtM_5HEfJFC1Vq2-xrTKCf4cNZTW9LPD7oj-IbOoy4P7jKQ0O-yS_wmD08kuPxV326lqpDWXk9AwIZ9cbaY6-EkB_Al5PWid7S3tiL17wAnyzpTMg3uRtq-N0Zc0WaVZiC3xCrjta1jpm0EDTn5XfG&cid=CAASEuRokbPvWMlElKHPtGQmJ_ZWmg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:08:53 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame E279 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:07:58 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CE8 41 KB
15 KB 292ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0AB2 1 KB
864 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65148
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3CE8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa6911a00b48044521877fff379fe9491a8760f6f42bb81b13ba5c3bb01032e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 api Show response
www.haibunda.com/ 48 KB
12 KB 273ms
273ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

598e372cf0cdaaa088941b12bafe5cf9c317001c58e9696e27b44d3176763f6c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: beritautama%2F47
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 11
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: beritautama%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69e9fbc5f80d4e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 69 KB
15 KB 383ms
383ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab591f0b282a3acf736c98459eda8f7da29315936bfdb8e7aeeb3eec3222c113

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: search
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 34
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: search
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69e9fbc5f8194e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 6 KB
2 KB 295ms
294ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f687bfa66911f5c2f4a199ad3f2c244700fe6d73f6e84ccf928834a9b3c270f

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: author%2Fkolom
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 28
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: author%2Fkolom
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 69e9fbc5f81c4e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 958 B
423 B 845ms
845ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: tags%2F47
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 2
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: tags%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69e9fbc5f8214e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 91 KB
22 KB 268ms
268ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1702de4a100c75fb4add23d0c95cc35c3c8c27fde6341fabdc35ca8b05aed69

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: mostpop%2F47
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 11
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: mostpop%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 69e9fbc608284e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 272 KB
60 KB 861ms
861ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6d38b55a0497e898fdc88995ffcc99b37997b718e39daee1bc0eb0c6e887da6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: nonheadline%2F47
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=db47a837f86cbbe0:T=1634310722:S=ALNI_MaWXuZBnIq2SEnFIQD5eWIJzGOHUQ
content-length: 21
:path: /api
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: nonheadline%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69e9fbc608364e8c-FRA
x-xss-protection: '1;mode=block'

GET
H2 200 right-arrow.png
cdn.haibunda.com/images/ 504 B
831 B 215ms
215ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-1f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncjs.php Show response
newrevive.detik.com/delivery/ 29 KB
7 KB 708ms
208ms Script
text/javascript 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncjs.php

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1;mode=block
expire: Fri, 15 Oct 2021 16:12:03 GMT
x-cached: MISS

GET
H2 200 detikconnect_auto_login.js Show response
cdn.detik.net.id/libs/dc/v1/ 993 B
800 B 192ms
191ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/connectdetik?fn=onLoginClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 03:30:43 GMT
server: static8
cache-status: HIT
etag: W/"6167a463-3e1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 container.html Show response
a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 92B1 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 15 Oct 2021 15:12:02 GMT
expires: Sat, 15 Oct 2022 15:12:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 thetracker-haibunda-v3.min.js Show response
cdn.detik.net.id/loganalysistracker/ 6 KB
3 KB 192ms
192ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 02:34:34 GMT
server: static8
cache-status: HIT
etag: W/"6018ba3a-185f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E279 41 KB
15 KB 94ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D6E8 1 KB
783 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65148
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E279 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7e935045ff1fd6e534adb15d982efbd2d59d09e262df3c6faf40d44676c741e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
www.facebook.com/tr/ Frame AC50 0
108 B 309ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2422
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.haibunda.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.haibunda.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Fri, 15 Oct 2021 15:12:03 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/ Frame 943C 98 KB
24 KB 318ms
17ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1a901425348ee77fb5a02d0bbd73b1731e5f074c8929a7ed652cadc25e71476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 24954
date: Fri, 15 Oct 2021 15:12:03 GMT
expires: Sat, 16 Oct 2021 15:12:03 GMT
cache-control: public, max-age=86400
last-modified: Wed, 08 Sep 2021 08:07:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E279 0
61 B 99ms
83ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux-4HlMRaxVqdnDO1J4O-kR5rDp9cm3uBlIZicvsYR549dnvulFVJF5cvselIQppHP0OgJIXTAhqXIy-oMcv47Yk7gk1YqmFGqUr1nNaHj5wGrWfpOjdixIkHTzCZ7pn6A_d71EoG03Hb4K_FLZdiTo2ILinRodgY65xmHbN04pGfPO9plZtdW4f4UI9iIGXf3AxQUGGbt_bArEl3fuN6vGo8tH2pVH5u3Cbni2ROtOGuhKFVmcAPJyZMnfAyouydfqAwYQZzOomjwlvSw_UAi6D73vp4CEIW1m0N6w8epI7_pbsiU6ULoNeP6Ow4-1XlWwl9d3IN_Ntk04EeoUQmNfbYknK3pvUDm9bukX__FsmkSfmzx_HePM2MlP-BCLhFBFvLBm9mfI1ZemDf34fkqO1ITIHDNYR17fkF78fUx8T3jvcBi7gCfs5dWcSolwWwavoYogmcNMcw01yu2IzjrT5tkJhqIMFjI31Xk44I_vbKOvzWwDuifC3W5C-xUJ9omqKRdEscc33OfhHGGhlXA-Gk3IJ3U76KxHc7L8ad8APf4qu8DR0IGnC6psefcTyGxN8BM58PrAHeH9E1U0g54HOff5_dVNXNI5iPLZI6yUqB47vTu8pJcSQW4zrO_427pZ3_hDWQHQ0cPLj-h9ZyNY2E3nyF91AIUNeN1RoRUnyV0qqKAc5wx-tanAtSW9e40Pk2uatajgpmGIaTATbiMjiIPvRGEgYEq8AmqQikVJeOhRf8rsz22puihQnSN6oexDX-MdCfwQMz99rsnbnxIOJQuWPkbH_y6ZPqEK2NrBfgzqYaNbBTyDPL4nObD4SZXCRMUz7xIm741D5dMU9W0NsbZCWkh6p2NBriMQmyzH_44PEGIH_cQXTqe9dADpz6ocqPVyQa1-v35DOw57y0K5VTd2zXRH0sGyCByobSHmVXAvJV62R9gCmyFwI_ttrUhx8iqkEY2s3ROIolDpWNrYOlbBnvhHXNBzpbBA4yVuekX6dK5uwgPZgZ1IP3TywZbA2FMx7E3c3y1TFZZIulg-sqBQkjMbaVNasPeDx8zV0u_eueibWDe2hJqbdlwa2M4FTY35NrJvr44uYuKaxT490rwp2dGb_gLDxEVCUgFeZcpj9WGTFy1RVjGz9YLR4OTUuM2VVZPHeIjMUNR2bo&sai=AMfl-YREsvSSjwvzjfoeTcXtW88dwd7dw1vQUqwUowIP06iPrrr9C8V_XlMFY83VhuzcYVJn2WHNnaK5hO6suW_D5djs0RNKitiLlsEag5jUXEbn_f-CggpNZtb0y-aGjgerVFOCObt0oZD65vTYTRlhJJyrRyFnWQ&sig=Cg0ArKJSzK-2Axp4qdhDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&cbvp=1&cstd=264&cisv=r20211013.17251&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 15 Oct 2021 15:12:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 5642 128 KB
25 KB 315ms
22ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df324cf99cbc625fa43f78407ff343a898086a912141da1396ba334a42d2774c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:03 GMT
expires: Sat, 15 Oct 2022 15:12:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Jun 2021 10:59:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CE8 0
205 B 61ms
51ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue-AkIk427azjRZHwzpG6ixLRUGbCp0ALBBD7dLod3-pCemjd4KefCoUc1vD1bktYaZOUWBMt29ukGuUKuihjDigsz3p3lEtJcwTzDOBWKALWZqlVM_hOFzJGsetL30ApCsVjtx17GoEZoo3TAatR3UxYEdcK5F-BgNCaffVoB2w0r09d6jt1iWuLXJBWGr2Ys7Uj3AqvNJ8gaE7pVGSx9yLyZhFAxgmRVZUsYrjJABtTQBKdY8rnKF6ng6AvFo_W3E13IydXnCg4Cs7LavK5efP0C1kU4uePdgpxYwy1DBwzACIC0rJ5mOChJ2nFOBdKk3GLu51po6mZ2MrX03X3KkTtvBAdSCpluLPHzGIaFDQY6mxyaoO3sOg2xmjtEVw1n_v6sziEBPzMAtty56FuIVhpGZf4-qBwpeYj3AhSVOtD0PKZFmO4qwvGdxz4P0ZWPboszTLc7TwobjL4yadR_IJ1ojn3PxLE_00eZAGljhjHrZBLSjejxZfTl8cFetYjQN0COAK7GQCauDB5pm-4HgylhfpiTv_kB_olnyN7UZn2EFRGiRGAFZ86KstSFfWvub1YeIaemL8CgIBzjFMRmQ7oEaM-LmsaY1P_0GYOCz1QAzXJrt6_snXoLWnfl0ElqRryCeeBZvv3XUY2yyRZ5szXYH5eWGwtuYttTdf9WpjXMG1qJfRPfQF3YbWuLWr5Yn0UU3ZUmtoGMM8QtciqI2fH71A3k17Y_HA-iDvshgGG7ly5ZhZ1TKvXIgeMbRhqYtYH2UrT2vmUKfPQEufpfQerXuQYkGBv38RsFGib7BxZeoQrDsJh8PJWJvWaKlel8I55YRk2llXLeY9h5OFuZl3Jzis6K6ng8uIZj6FMVX_1CyFS_LVpRcY6NsPX0gR6D1ZDHO2TfT5YbUlKSLpufGPn46elxuCc1VjiQlIAVXUOJFznmwThBjP-5tYfUsTOF45N-cfTJdfk3eINukam71-iCt9ktV7oEUkdG9c4NOZP1g_F--InZZxZ-N0AKQtUuFSpiap25bnK_vssxCglkE1_DrDu0NjskbMz4miDCOR1jHPoNQLvyDNUe9Enle98AYXypAlNwifmN3VKir4bzECNWh126ie6D6-BnyowYcY5aqsn97Hgb4SEEUz0tO6jN-K96WvWtA35V9O5J1s2c4uVmpm27SbLwOyxQH4e9t11sdCtTG6w9g1ZZiP8JAjg0K_yhsl8iJQtLzDryVXNp9u1aJGWFcQ&sai=AMfl-YTQ-gzUTuESfAmKF_4AeQzkjTG4PAUNlvgzDt5arJFj6sHagLGOiosq_gfeUhkPNeF4o48o6reRBK8u_s9RM3SSwaY3orWzBUWqD--F19lxAVFdJ-nDr-SDoAun5WXo3bDXdliKnCWROlLXGFMu1LfW8oXP8A&sig=Cg0ArKJSzAcGTJhVixXWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=288&cbvp=1&cstd=285&cisv=r20211013.90024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 15 Oct 2021 15:12:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0AB2 35 B
463 B 47ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUqk_56rsaUCgT10tdFtO0&google_cver=1&google_push=AYg5qPKLYdPfQxCvoHN1sl2tbzE4964Vd91pIWac7Ee7rTXomjM4VfLhT1k3gzkaOCYPwwxASJGosdVJN2FUFqATzYt8nUDkMjs

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIYVc7o...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIYVc7o...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxNTEyMDMwMDA4NTU2OTQyNDQ0OQ%3D%3D&google_push=AYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U...

170 B
188 B

19ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxNTEyMDMwMDA4NTU2OTQyNDQ0OQ%3D%3D&google_push=AYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U_lwe_-VMAHtODnAgYWXDDrKJ0IRCQ

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxNTEyMDMwMDA4NTU2OTQyNDQ0OQ%3D%3D&google_push=AYg5qPIYVc7oZTggIapCXDvP_fauY_z1bZE_TfPfOutI7FDkFR-YTUDosW0JcBMytm5o3U_lwe_-VMAHtODnAgYWXDDrKJ0IRCQ
pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 15 Oct 2021 15:12:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK
https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&google_hm=8U7wcaahzlIcy11uuKZk3A==

170 B
188 B

24ms
23ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&google_hm=8U7wcaahzlIcy11uuKZk3A==

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLwVPm8YmtstFOvwAhGeyPtNdazzRuDLWjc7zjwqPbqlE9XESurqCCivrUbx6h1jqID8J4bTLhgkCdF6BqXK95stsdL3fjK&google_hm=8U7wcaahzlIcy11uuKZk3A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: aj6nsq79c787ohllahjpo2iqi2r0agjp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJpa-q6A9j2IgEH3KL7aSte8FQAnhuJed-roXOed1x7Tzop-skSCSI_nt6Ns5xttx1cI9jl3NToRITOd_o8ainbcsAsnzk

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJpa-q6A9j2IgEH3KL7aSte8FQAnhuJed-roXOed1x7Tzop-skSCSI_nt6Ns5xttx1cI9jl3NToRITOd_o8ainbcsAsnzk
date: Fri, 15 Oct 2021 15:12:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQM0MtMVUtNzRJRw==&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIGbKMA89Mt8Ivirk0p332SUhH5A

170 B
188 B

19ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQM0MtMVUtNzRJRw==&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIGbKMA89Mt8Ivirk0p332SUhH5A

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQM0MtMVUtNzRJRw==&google_push=AYg5qPJDC83vO1DKMdf03tPTp9J2Rj6xia7Ds3Diye5SgP8-avEb6JxToY_dfV_4oyUTzkFRuIGbKMA89Mt8Ivirk0p332SUhH5A
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxh...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AB2
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH2PlsgbOnd568_vj0OTFNM&google_cver=1&google_push=AYg5qPKRwJEA9CVKF4VyXCV5...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRwJEA9CVKF4VyXCV5bD8V52FNWNHYAHQzvuMk9HjKKQF3bKLGhEc-Bk3Ty5DgfOlPewNlGWW-_6sKrdAbU6IbWxHAYtQ2Uw&google_hm=

170 B
188 B

19ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRwJEA9CVKF4VyXCV5bD8V52FNWNHYAHQzvuMk9HjKKQF3bKLGhEc-Bk3Ty5DgfOlPewNlGWW-_6sKrdAbU6IbWxHAYtQ2Uw&google_hm=

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRwJEA9CVKF4VyXCV5bD8V52FNWNHYAHQzvuMk9HjKKQF3bKLGhEc-Bk3Ty5DgfOlPewNlGWW-_6sKrdAbU6IbWxHAYtQ2Uw&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 14 Oct 2021 15:12:03 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0AB2 0
12 B 20ms
20ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iqvfz5vZwQMt-g7bOD74TIXZdOYRAB0p0YC1CUhQw6IBH5EyNXZdVETSNjcVDZAc43lk-sDA

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 09D1 624 B
297 B 19ms
19ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlLVLW7H1vJ8ZhVXpAfFDKUrCR3I5VQus9-j61EIwZPan6abchsrG7BNLZXHz4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 15 Oct 2021 15:12:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 92B1 77 KB
29 KB 45ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DH4GrlVxd7R1j_ETEwCOQuzz-NKJ8op6GA5eKEqkbdEnLQ1akphod4FM4LNquhpAjdZlZ8SGl-PMysJ55f9HIMrxy6nABqU27R6VZXWPGjVaalzzGTEtSgYLvO4VEHGkSMHsehhWP_qHUmrpMfixtXWXhcfg&dbm_d=AKAmf-D2rurL05SHVRWj_Akxaho7x43uXrqqL0m9NR6Vd-0dMlnJQE2-QgMfg8uM34eCvFUnvfNJSwaiKBr26_s50D_bIzQdyXEZDrZV2EJjuGnJj7St9socmPMw2TiCZLpwfOCcBEHIys5zRb_gUy8XZ21raMFkjE5LgThUYQzGs5RMgvAixgP9JncviLHP4_ABeJ8IqyYLtGqkS0cZb8MuynZGZC-ad3WaVZr8hZZEDqVsG1GcD00_c1Zltw_PSY3VN3zvV0PW-lDbAFl_R85MbVOYmBe64vfN_jt02SFRqm1iII-Lxe7pAsSagQ5JlioscZcfVt9e2VpmJWssCZfH9dAamLWuN9BRpxaD6YuSpNmEc_bUGWymPHKl4PWsu4aNWFgOMQlLK9GPzJ--LnMYKx4BlJbxUmJ3Uj6vPBc51HkxqDDEZ7522VdIFT4tv95ZTrMILDeT0AHF09J77VPOL9-wnnoEx-1gShiPuEn0ZPlCkpJKsaoBaCtEiIfxp7qvoCYKP2e6SOvpus4fb5yge7-tBl9_A8AH51kSoE1WbwsaA7xatFJQph3Y62PYQHgErdwTr7d7HfxmXoIuZkmkzxjezxfdeOR2zl9AToUcZ1vZ0HM1asmJRgNPEIul_jcOBEx9jWmV6SWhS5eEvyYMCKkYXJXnDLoBQXAafGkBR638-enfZc86-n7Gau9TRhd50r3mBXEkTEO34rZ2t8d5E4wyIj-BwmLsnodM6k6xus0EOWsNHlokTJBJAa6LcCutBz6BV0jevk1TPfEfKfS99JUYFVEAm6qgLD-dRkIcvKw-7z_L2LgX5c70i-Rrc4vG9NaH9g3_jjN1Y_08myvuZwUIuSuQLWFYPnSFjqRz-oSZEKP5sFG0xyu6WY0sn7mzPAth6ENQl2NeVtfIyJb8tFgc8hzAjiJ6A7QEDVJF7-WxdVCw_S5_mDMzFMy8gNUAZ9t-43YRxNngV-JPkdwI878YXe1AQcVDiIIxvksGFxuzAd-Keh-uPhfxkbHdn9_2Xwd8J_OQBsT5eui4qrCW-CF6T2CNZna8T2ggKEFTF5M8BrDQ86bQ3CamStVmKb4enEAIIbfAYvraqCLiVFfTSk5vCY0PHbU85-9jU9yY6RDgWaxKi4LuR7fV3t5bUkGR3EtyEsKn991T_reiMirl2FALu17bQt2FBBrchD6qHe1V20qrYeguzZwO9zQQ3F7YsYYh7LrH9SQ8gIXb9M33xN0uOpydNIpTYwtYa6ic0VOy9tUe0BKotFJvOMXTR9rxi9hlP3oemWZpHkNA_C_K6z4XNwYwiu1Pvre1eCQXNInWdeZkD_8QI9eaX0yBkeyfZt96Uyu6MwAIE5GnWtMDCxw4EaqiTR8rY5Zr1RHsjoNnhAVllzH477kIsvtg0buwIkxJUyzrKsdagZOmtDzzuZZWjb572gLvk9uYMQCso5fAaQYEuKrm2-ZYOY75yKZIuPsAiOmfjW8KmFSYjMJI4oWo3_E29kjnKzIuD6gA4U1h6Kwe4-RNGWzc5-XomnCJu7JQnee35MFRBmzVu7vnM_-YAcMdVSnPH81cw6Ej_B15flRFOZzJaiYSP7PnwSoC8xxP8OMPO-VTVebL-ZX1hefNxzITgucm5TgM1BEkXciSkIkfabjDj_Hqcm7va272gNPPmpkO3N4Zx1G4VEufnwrghiKnG8pSkn6RYoqsA-HvAjQgCZe-p4FzbU_eMcvJZHpC6hFJEJgHVhgAH1P9Gq-SCJClEiK5JVewOfb8PxZxDx1-JWlzmnGVm8b066XJHGxyow5LYx4lw8bdc65o7DERkJydGdOnfIFvrmie9-CAQhbkdc3fth7fSqZjh6JTmA6CMKAXJawBbpPt9FL37O4rlFeGxaq-vw1grJj5uAYGGL40JqHLZduWaZVPtQejkKtOGOmMhVH73h4wv6KCx5X1Mw2ppWIuaQ4_FOlnwAXbVZni9uxzikDz9JwE9Xqtt1Ixy_tHlcYXXAxvCI3Ksdt1p98RQyp49_WgmpnbUUGMkWmIricLYSgJQnJLq_TRksGsZ5hqtgmEdNK5eVIpMHnrQz5q1Vcui-GtOuB4159IKCkUGUhJMkQw5C2f2dx2XMjv-E38dIVRafmU6Z8s_jxK8IHhFpNBCfK-CTkIW18n2_HXMbz6tpotcts5t59zDd5-7e7vqG8kfp6G8qTitcDSwZSBOHMHf83QlOqm0WR5L4doz5PPpE_YD_expWCszM2reCCxSa46CxEA_BCyrD3nhO6sRZWXx-WyLqpFvSRL4jduDy58HXtpzqPbC7cDHgFeqyLoLwtn2-IE2Pka7b--9Wr4geyAgBmnNyOcd0KPTRP9kvlBtQVVovnYnaIhJ3CYrCWaFVpN0DCKi_4yuCQ99XsqUHfrtbOVeFXnw2SKrY5n9YaUdC9CypAGQxo2EeutlgsWAX-apu6s267NooS7T_9ZIL0D0dsnlqxO0bMUNMqpodP43p_ZBBgYBox_7LG92R9MN3SFIosKNDeeHM4jDBzPdPHl7GubDYAr1rM0ULeDpzRtXhcFg8C41xV-M6Milldd_PBIa23IcK3AylCdOgpzEs80HBkHMLOi85pFM3OdSiWF7CWKm2oPVwRxzbYZ-73zJIu5wsGqz4oylv8Qg5mi25IbNv4JU_vYySYJTMGKB5g3YPA1I_msHu2kLEnzVQCpxgMeah0u4JKVGjuSLCxu5LBp7EOT7KzzIUhFc0F4WYLlyUoGCVJRiMG3GCLXVXc6P3d9D73V03GUoU0f7TwA6VZs57eqGaIPEKtguq7q9bqAYD-KBgTVtAu4CIKk1d88luZCiEN7XgM3xos-AYC4aZkK2c2Q06NQaM-iazc4IeJe1MmUvksNalPS59eXqcODWxlhGQRlMPiQIgFWeMVzeNKcxpFAhdA9ouSJPjDP4M7SajvTjvftXUZn6gTqAPsGvb2Uo8B2slfGFOQ-HjjRAjG87d7VnGE-IaZU0_X7s3Ytq_P5vrhmMyD7U57Mrgn3g30dUClaaW9i0Dhv7R_Q_WgmCYIkM4lOES3Cf2CXbgYdO7Lt6FNfJR3F280I5gAJBBX63u9PyocTn98VyxRJRG4RU4NOxEi6pzmiMvBcEwg&cid=CAASEuRokENdEFaOQwUZ__L81F1PRg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

92feaf41bee72e49e88787ed8c590f21a995008039e704b9ef561a1d954df686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30008
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B1 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CR2jASafbU1_KJE-FDI0_UJLN7fYus5vq2UuPSxnVufEHQK8Kcy7dHVZCJnTYCJhuV2Crz80SjTkP9kKDb-XkDOF8aOzwWvZnGQBAYsJTNnMX62iU

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 92B1
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/826939/57461179/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
482 B

59ms
12ms

Image
image/gif

2600:9000:224a:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
age: 6044249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: _sapOQkkPnI68LNJW8-1tDV_NQCGujr4ivwqiOpnZGMxUZLu2YY8TA==

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 92B1 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 14:43:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92B1 123 KB
37 KB 324ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Oct 2021 15:12:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 92B1 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:04:41 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D6E8 35 B
463 B 39ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUqk_56rsaUCgT10tdFtO0&google_cver=1&google_push=AYg5qPKHkKo5Q8kqNt7PI43YzZBUCE5a9t_kDGxJFHiQClGF7BTYBwJrD6x-O5_C9WcTSR_GD2HTPxnInOO3V8IikB6VlZSRpRHj

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVRvVXpWYU8xTUJvU241&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt...

170 B
188 B

22ms
21ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVRvVXpWYU8xTUJvU241&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt91-Bq8lXVWavCDy_CJsySBGZsI1BPSnttQJlkumydPGsR-g6oWU6J

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-0081ebc652be302bb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVRvVXpWYU8xTUJvU241&google_gid=CAESEGcbg_NdrNaWcCjsAowWoeE&google_cver=1&google_push=AYg5qPI5q1PAXnf9BIU5YnjxkmGNTgj_MrzdZQzMROVb1Kt91-Bq8lXVWavCDy_CJsySBGZsI1BPSnttQJlkumydPGsR-g6oWU6J
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFSyqfYuRKI7irZBAm2stGE&google_cver=1&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1Ooy...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=pCxhaZpCTgCiuvWn6m3lxQ&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1OoyGx54BcWO...

170 B
188 B

19ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=pCxhaZpCTgCiuvWn6m3lxQ&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1OoyGx54BcWOy7l7

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=pCxhaZpCTgCiuvWn6m3lxQ&google_push=AYg5qPJxtyLpRHkEs0Q50qeShbs544FqxvoWmu7mnXTC-h0eF0kYUk2gPAZ9Tt1eL1fl6tasbf6_uDEOI8Ja1OoyGx54BcWOy7l7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 15 Oct 2021 15:12:02 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEPlgKUn1l3z6wEdtqoaDsc&google_cver=1&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qP...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMxMTEwNjgwNTUyODcyOA%3D%3D&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qPedU-...

170 B
188 B

20ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMxMTEwNjgwNTUyODcyOA%3D%3D&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qPedU-DoE_SeG54t

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxOTMxMTEwNjgwNTUyODcyOA%3D%3D&google_push=AYg5qPJWwQnftB3um3dt8pTBt3n3jDbEjERpBoYhzvuztyf3gKr5hbr7GR8krToSBh5U0B5md-iUjis6pzL2qPedU-DoE_SeG54t
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDlbfYsyf5A56aJoKWPryWM&google_cver=1&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDlbfYsyf5A56aJoKWPryWM&google_cver=1&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMxOTY5MDIzNzMwNjg5MTA4NA&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITS...

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMxOTY5MDIzNzMwNjg5MTA4NA&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU01jeBNzj06vrhXNYUYdo

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMxOTY5MDIzNzMwNjg5MTA4NA&google_push=AYg5qPJcjhpR1IgAQG00qwOZzkdokWx3c7H_SqZ0YIDxuYrM_sP-Due17x-zhD5KU-GTy-LBmlvITSrU01jeBNzj06vrhXNYUYdo
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE
https://rtb.openx.net/sync/dds?google_gid=CAESEFQSPJgNPHksdIaWFs4QBz4&google_cver=1&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&google_hm=8U7wcaahzlIcy11uuKZk3A==

170 B
188 B

22ms
22ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&google_hm=8U7wcaahzlIcy11uuKZk3A==

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIrkKzGhM-ARMiDV2MiM1Ze42g_1HnoGJxzE7yWlbL95zFQuilPVyMFOxrN6_4LgQ-9IKW2i57oVdsEQSTPupy9eikPZOxE&google_hm=8U7wcaahzlIcy11uuKZk3A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: kluh7pn91bjmio14ek8fdgupgvnrrur6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D6E8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECjSWgWPLy8zIe5md2y49yc&google_cver=1&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L--0ysKu4PD2M

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L--0ysKu4PD2M

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Oct 2021 15:12:03 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKuzSviSssGvUcAs9djxAS30wXPOppvRsqglH7rclLR0-vIcnAfcNn-mibG_z8nPXu6dTGMjvy4C9U9GK7L--0ysKu4PD2M
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 1tXXq2l7LksiBO-wMF0jcu74lKJ3CN-wrT_AkSAvWLn5Ech3d37Xyg==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D6E8 0
12 B 16ms
16ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjJ3QTN1vKOksrlf8BA5jrlHdQ1sV5K63H6Pd8ocbAXeo4EnT66jLtUQNEqXV_7d8Xw0Kb

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 4E3C 0
348 B 823ms
277ms Ping
image/gif 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kusiep35&c=7611358700786&slotId=3805679350393&qqid=CKWb7PDZzPMCFdQz4AodKHMIdg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4E3C 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 168023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4E3C 15 KB
15 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 337466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 17:27:37 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3C 0
58 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cc-r1Q5ppYeXtCNTngAeo5qGwB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCVgoCAmAegAaH1-ZkByAEFqQKCQa6FI3ezPqgDAcgDmwSqBOsBT9BSOkLmtBvDdY3s7UzNktvQM7mLKn9LeN5Vf4a_VXPuEIKtyIiHXEkrD4WQupvspv-5pXLNbzuhealeMuPJpUMp2bRBPAy0pQlIFCR0WT-06N93mAu5a_fH9Ya2rElTi17IhVlZhZxaTfaFOdxCP2klV8t-hFzIdgirhXlTiWzh2zJuoHGuZyef8UPIZaLu-Ivf214NbeXd_THan60GxdwuCp0BpMM7yn7CwbbzdI26YqEZNYMAf0VU-ql5gymLUuJXUM40hJk0Z-sdab1fyeRbCbA6fBXApr-b-jNnld6kBszzl0P8nxbBi8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogU6QzYFAHQFQGAFwE&eventType=clickstring&clientTime=1634310723717&ai=Cc-r1Q5ppYeXtCNTngAeo5qGwB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCVgoCAmAegAaH1-ZkByAEFqQKCQa6FI3ezPqgDAcgDmwSqBOsBT9BSOkLmtBvDdY3s7UzNktvQM7mLKn9LeN5Vf4a_VXPuEIKtyIiHXEkrD4WQupvspv-5pXLNbzuhealeMuPJpUMp2bRBPAy0pQlIFCR0WT-06N93mAu5a_fH9Ya2rElTi17IhVlZhZxaTfaFOdxCP2klV8t-hFzIdgirhXlTiWzh2zJuoHGuZyef8UPIZaLu-Ivf214NbeXd_THan60GxdwuCp0BpMM7yn7CwbbzdI26YqEZNYMAf0VU-ql5gymLUuJXUM40hJk0Z-sdab1fyeRbCbA6fBXApr-b-jNnld6kBszzl0P8nxbBi8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogU6QzYFAHQFQGAFwE

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4E3C 28 KB
14 KB 97ms
49ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dj3vL3GrNIObXVI4QTwiFCwgcFADQMp6rzlu3jUqXF2U3b3t9ivf4SDMRL99gdyzh_zVMGlmawr9eqW1MvBcg7NRwr8g&cry=1&dbm_d=AKAmf-CaZO15IRZA-WMTYipSTJPqkDWKaMElGt2YfUpwi-qM6yUQnu2DNvPtuBXhn80hvqLJzhOpMnnE_llA0_nTvIeyELRHyQkarGcUII84PN_g2jTFRQuB0zhdRVQY2MfBfg3E2-Dc-gkkRuAx-Xhog8FFLbCOK5V8JVUEITvMjRlxQ5yWjDGCBHsCS6b8OmetyBNLRpG2LlTM6w7lhEzhpc8kUwixIGsOpiqjHBSWgUapIBl62do4D4uXDkibV-2x8l2jwLlv7WILMjSxx9EiYznTNIIPi7V7NkUtPWSjWKz189AUYVASIM5yyHv_jocJIaoFhq9lT-STCYpCX5-OCsN9Xl6HJqEdam_PDAgxWszD8LIC47ZARvdzZr9lBj6O5uCOtnogoPoFjcfNDv1AZDm50_CFQ9ApoVonPaf9pLhJFDjZR-DJc6BLp8zWCiizwBH353wcc4sy4lxE60YvjBep88Qr7vi0SKxjKwcyeAgANxeA4R0AaEAAPy7HUj42YJdlxV4wni63Bvtx9sVJTlVyEbWb_e0kI2XvfSmKNQ2CIMRz6HYO0PC1oKjEprrvytxvF2pwqLnDmkQLKxbWyGtW1NjEam9QAkPaStrCRN1fz24TEWtkOmuB3GS-3PP6xr6gbbEk3W8W5mCZex2xq8HKskxVqZVsXHnNEpRkHRr9HwdKkvJ9B07EAdtvDxileMBBHG9_c0IbtwLZroApaRBsvSyCTEjquCy8AOIsAEVB3gn81rD-I_mAFHU8PyzM3nnc4jWKCPVbp9LaWxv5-R3odCjuHldsJ3ST69cdhMNrAqVYvcCa10bwGtU4ItOlo2e4a4HIgxlvBVPVZnb12kqMViU2E9z5XUeY327VxD2uPU04WSCZkju7i70lTR29AW8XPodjAbaiaSVIgx3-U3JdxnhELdxAfO3Kz2M7ltnHkTqHbP3tNDp8-KNMfDqSdsTsAwAdON7FbiXs2jwMksdoMTRpSZqTe_AuGEBC7VivgN9g8MZCyHbDyvg-bCCAvXkoFZbm3nPyaZg7ndtnwJVX4HscVHbjaq283Fe6NFLp-Wm6IFCmoXtf1q0BziZczcWZnM84p17DFTXvfJRRwiUQp0ZW2FSG-v2Nl6QjtC23PBdRfDL6mkxQaLVIClN1lBttIRZZiB4U_BNsi-hbkPhl7PO7IqNgH5PJ19s_0QUdRVN6CaUl-EVhuUJyMDGKVB9-UHrZj2KX0Bw9dvtGjEUbTlSlukUpp8usgJTE_UIYvaWLnen9bakRhPFQHHG9TMPcQVXk2ZTC2RKieZoAm3lqapPEB1FDczWch1KWnqEEGES5mskz83uGwMShmBBT3-mXTzH82io9OvXPeUn9KDdfHOF6NUCaCUbXG03Kf-MPKd9efInMc327iXRJ49x1CLB5dScDEmISnRDX2zzwaxTbqCY9z1uX12sQSe8vWWOf7pAiWS4wj0swoniRu5prRfeNL-Of3Rm7jZ5F87QGBwLPo9ckCjTVu3HKjjYE1CXVfklRni2dRXS5vMZYsSPQ2_ntDXeJchof2Kv_-MLM30zWl1ua_GrGFqPPD1RRm2ng5jMU47KC4SAO8BlaxF2YZjx7koJ4KNS6VRVjWoNGQbfSCW_Suu2PGjx7QI0Saz_23M_hPaUbqdB2jAchj7AucGGgwBpLHEvYvNFgkMfU5vUIWRjg2C_fOzr9wYaQIZl-Ev9Ee6PBYh31kaxmga_2lGQiiIUyZnp3sUIVCYWzj4r3K-UM98OTs4MGekNxZgjfDHxEmAR5AW6c-D2YrnsyWTa4mbTw1K7jpy2o4bNqG-yWgjFXTaepXTJyDNuxuS_hnlg_rItoehTqrUVwBJQ5R7OvJ3c_TODyGON4NHtwH9q7qdMX2MG77JLSNP6wXy2viN26TZCCgoxo9XUjAqttvNmFyPkyw7JOCOKCaJnZd1HK7_OaLc9yFMZUOuZeZWv86hE4HdVmQZJJ8YvlCZRYLHxEfUKXTyKu2h2SIcXc1DDvbYP3epZrRSYMGuJzGb21xeyPqjiuh6F7VhLoixotDkpY5sPLERl-3ziRlg5_QyKy7kDFHeiBdmmT2xYEvJY2b-VrLwZ_qssI_XlqCHWkQ52MkVIW8JF-aOZ3HzMyXEsfkuLUv9Ax4z70xbb1-5IA-ig2iGKMI3qTRdjhXwogi2v957jUNYu8nNpS9fKHPH2PgPgKlqk_OHUfwjFXzf0spozCevCJYi9yNqa0XcNmNnEz8L66SOuhm-5Yfi-HgxS6-40okn_dGCYepBNAGAcBjKH0PISxHFhGCy6I8ZNxegFPdwOmQgv2Lbl9dq1AUHIInSGBNHJfGVSRNi1VPYzhdhP5TEMyxxERv3ge-DwA18uMEEeoc-SFCIZE3hpg6NzgURWXxhVQRQfXkXSCXYQTKHxMR9KlDYmlIFWIRMS-XOICbagXaKDZsd3oXdTfQYGtHy_JHVOGUud0wOjqjQCfVm7DKuXexsYt_Z0sL1udU-Ss6NnMMvkvuP4fP0CdnpZWo0vzxSrCKA2t2rp0uXaYrKu8JY3WW53NkrckZPkkTCJQ3-gBFJZo5tbmY9oTAgiAqBO2sE0gDQusZyIK0QI9-AiVpXTzG9s9wwy4UaxaNK-SN161m6ePs6_xaHiE3G0X_joTzb-icFGdTC8E1n1Qze8ps7qKMWAqylr3TWP3mPQp6-fST2iTW_jf5EfhFymqJe9kcmyeimDf6qqVnhz5FAiIQf4v1uUn8WmPbtp7y6D-t2QJzQqCGv6OuoXDNB2eGzCo2XdcwWvYgnma4-W7ggMGwRb2H8HmTPCzBlu8BAxNdA8bXgz5VrpVYDCw6d9TFqOpXjs5YesoQSoLPO11ClmPwy1rSrlqzYSrXr8rAdH0kXDo1U6rlC62wKQPlDwcbJIc726XR7-ro2oRpm_wjBlsiX21GexYFP81TCQBUKmQd1B3DD5az7idMp-ArOCH44IisJg9boROa__ESR8aC4DTLQVtGu_zNkb1lC_Qzb-bqf4rMxGuc6Z8JThBkUeex4bepT0xTSKzLaZirdPlRZiUnRMIwxVZPz7vJgffbOPn3ew8GIwZ63pDs0pBWZAcP5eCv36P-skcvAQd4ntlvJdo837pCNbbG29xGT92rNgs6-7BIYYqqOhPPSZV96moCnCibBjuCzbLJQM_NJLKsJMoOjzqjQ5PXO3I9MVd8vlAEo2chEvJ-UoWk_sGmBgcpFgRidkSm84UvVjx4d7FrZUIJJOIFfZuO0RS5_TvT8i3LrKsmeO1eq2wYFhmAEi07Qr88UEjOFy6DiEWK7es8a1yzhY7mDnNTx-VlUHZY0l6FJWb2R3FtDTEyVMIZMmAnnEe3q0xC_eg74l21YcycfwQoVY&cid=CAASEuRo4SNpJtyWBEzCj0E5Op0B_g&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

c6eb3e3a54eee9d5f76e4c3cecd4af01a3179af01c8c6c8588dc910cccc13406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13956
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E3C 0
0 19ms
18ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClD34Q5ppYeXtCNTngAeo5qGwB_yh2tFkrpXS5ZcOv-iivcABEAEg4P_mHGCVgoCAmAegAaH1-ZkByAEFqQKCQa6FI3ezPqgDAaoE6AFP0FI6Qua0G8N1jeztTM2S29AzuYsqf0t43lV_hr9Vc-4Qgq3IiIdcSSsPhZC6m-ym_7mlcs1vO6F5qV4y48mlQynZtEE8DLSlCUgUJHRZP7To33eYC7lr98f1hrasSVOLXsiFWVmFnFpN9oU53EI_aSVXy36EXMh2CKuFeVOJbOHbMm6gca5nJ5_xQ8hlou74i9_bXg1t5d39MdqfrQbF3C4KnQGkwzvKfsLBtvMsjEjMMuMoEau7oWgWTV8zuo3icWaiGwV2ZCJ-4b5jlEd6TNAPAIvJBu6-O3Y3ApVia7cq1Fpmv8BzwASWiJiu0QPgBAOIBazYtLc1kgUGCAMQARgBkgUGCBsQAhgBkgULCCIQAxgDSL6LkwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB8eKhuYCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHChCxrxkYm_3YsgHSCAkIgOGAEBABGB2ACgPICwGwE5ubsgzIE4GLgN4D0BMA2BMKiBTpDNgUAdAVAYAXAbIXHgocCAASFHB1Yi0wNDI4NTE2MTY0MjI1MTcyGODPEQ&sigh=E8rlLep4lfg&cid=CAQSPACNIrLMdsF00NnHqPQnWhCwUWPgrxhi6PNugzPwAt_-gVnrAYEqwQo-Slv4r-Jto-dQvwXX1UWjUy1S5g&vt=10
Requested by: Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0895 1 KB
783 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65148
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4E3C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8543802859880c5f3873d40991a29efabf298485f14f8168b75145cd218e16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 92B1 169 KB
59 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 13:24:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 92B1 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DH4GrlVxd7R1j_ETEwCOQuzz-NKJ8op6GA5eKEqkbdEnLQ1akphod4FM4LNquhpAjdZlZ8SGl-PMysJ55f9HIMrxy6nABqU27R6VZXWPGjVaalzzGTEtSgYLvO4VEHGkSMHsehhWP_qHUmrpMfixtXWXhcfg&dbm_d=AKAmf-D2rurL05SHVRWj_Akxaho7x43uXrqqL0m9NR6Vd-0dMlnJQE2-QgMfg8uM34eCvFUnvfNJSwaiKBr26_s50D_bIzQdyXEZDrZV2EJjuGnJj7St9socmPMw2TiCZLpwfOCcBEHIys5zRb_gUy8XZ21raMFkjE5LgThUYQzGs5RMgvAixgP9JncviLHP4_ABeJ8IqyYLtGqkS0cZb8MuynZGZC-ad3WaVZr8hZZEDqVsG1GcD00_c1Zltw_PSY3VN3zvV0PW-lDbAFl_R85MbVOYmBe64vfN_jt02SFRqm1iII-Lxe7pAsSagQ5JlioscZcfVt9e2VpmJWssCZfH9dAamLWuN9BRpxaD6YuSpNmEc_bUGWymPHKl4PWsu4aNWFgOMQlLK9GPzJ--LnMYKx4BlJbxUmJ3Uj6vPBc51HkxqDDEZ7522VdIFT4tv95ZTrMILDeT0AHF09J77VPOL9-wnnoEx-1gShiPuEn0ZPlCkpJKsaoBaCtEiIfxp7qvoCYKP2e6SOvpus4fb5yge7-tBl9_A8AH51kSoE1WbwsaA7xatFJQph3Y62PYQHgErdwTr7d7HfxmXoIuZkmkzxjezxfdeOR2zl9AToUcZ1vZ0HM1asmJRgNPEIul_jcOBEx9jWmV6SWhS5eEvyYMCKkYXJXnDLoBQXAafGkBR638-enfZc86-n7Gau9TRhd50r3mBXEkTEO34rZ2t8d5E4wyIj-BwmLsnodM6k6xus0EOWsNHlokTJBJAa6LcCutBz6BV0jevk1TPfEfKfS99JUYFVEAm6qgLD-dRkIcvKw-7z_L2LgX5c70i-Rrc4vG9NaH9g3_jjN1Y_08myvuZwUIuSuQLWFYPnSFjqRz-oSZEKP5sFG0xyu6WY0sn7mzPAth6ENQl2NeVtfIyJb8tFgc8hzAjiJ6A7QEDVJF7-WxdVCw_S5_mDMzFMy8gNUAZ9t-43YRxNngV-JPkdwI878YXe1AQcVDiIIxvksGFxuzAd-Keh-uPhfxkbHdn9_2Xwd8J_OQBsT5eui4qrCW-CF6T2CNZna8T2ggKEFTF5M8BrDQ86bQ3CamStVmKb4enEAIIbfAYvraqCLiVFfTSk5vCY0PHbU85-9jU9yY6RDgWaxKi4LuR7fV3t5bUkGR3EtyEsKn991T_reiMirl2FALu17bQt2FBBrchD6qHe1V20qrYeguzZwO9zQQ3F7YsYYh7LrH9SQ8gIXb9M33xN0uOpydNIpTYwtYa6ic0VOy9tUe0BKotFJvOMXTR9rxi9hlP3oemWZpHkNA_C_K6z4XNwYwiu1Pvre1eCQXNInWdeZkD_8QI9eaX0yBkeyfZt96Uyu6MwAIE5GnWtMDCxw4EaqiTR8rY5Zr1RHsjoNnhAVllzH477kIsvtg0buwIkxJUyzrKsdagZOmtDzzuZZWjb572gLvk9uYMQCso5fAaQYEuKrm2-ZYOY75yKZIuPsAiOmfjW8KmFSYjMJI4oWo3_E29kjnKzIuD6gA4U1h6Kwe4-RNGWzc5-XomnCJu7JQnee35MFRBmzVu7vnM_-YAcMdVSnPH81cw6Ej_B15flRFOZzJaiYSP7PnwSoC8xxP8OMPO-VTVebL-ZX1hefNxzITgucm5TgM1BEkXciSkIkfabjDj_Hqcm7va272gNPPmpkO3N4Zx1G4VEufnwrghiKnG8pSkn6RYoqsA-HvAjQgCZe-p4FzbU_eMcvJZHpC6hFJEJgHVhgAH1P9Gq-SCJClEiK5JVewOfb8PxZxDx1-JWlzmnGVm8b066XJHGxyow5LYx4lw8bdc65o7DERkJydGdOnfIFvrmie9-CAQhbkdc3fth7fSqZjh6JTmA6CMKAXJawBbpPt9FL37O4rlFeGxaq-vw1grJj5uAYGGL40JqHLZduWaZVPtQejkKtOGOmMhVH73h4wv6KCx5X1Mw2ppWIuaQ4_FOlnwAXbVZni9uxzikDz9JwE9Xqtt1Ixy_tHlcYXXAxvCI3Ksdt1p98RQyp49_WgmpnbUUGMkWmIricLYSgJQnJLq_TRksGsZ5hqtgmEdNK5eVIpMHnrQz5q1Vcui-GtOuB4159IKCkUGUhJMkQw5C2f2dx2XMjv-E38dIVRafmU6Z8s_jxK8IHhFpNBCfK-CTkIW18n2_HXMbz6tpotcts5t59zDd5-7e7vqG8kfp6G8qTitcDSwZSBOHMHf83QlOqm0WR5L4doz5PPpE_YD_expWCszM2reCCxSa46CxEA_BCyrD3nhO6sRZWXx-WyLqpFvSRL4jduDy58HXtpzqPbC7cDHgFeqyLoLwtn2-IE2Pka7b--9Wr4geyAgBmnNyOcd0KPTRP9kvlBtQVVovnYnaIhJ3CYrCWaFVpN0DCKi_4yuCQ99XsqUHfrtbOVeFXnw2SKrY5n9YaUdC9CypAGQxo2EeutlgsWAX-apu6s267NooS7T_9ZIL0D0dsnlqxO0bMUNMqpodP43p_ZBBgYBox_7LG92R9MN3SFIosKNDeeHM4jDBzPdPHl7GubDYAr1rM0ULeDpzRtXhcFg8C41xV-M6Milldd_PBIa23IcK3AylCdOgpzEs80HBkHMLOi85pFM3OdSiWF7CWKm2oPVwRxzbYZ-73zJIu5wsGqz4oylv8Qg5mi25IbNv4JU_vYySYJTMGKB5g3YPA1I_msHu2kLEnzVQCpxgMeah0u4JKVGjuSLCxu5LBp7EOT7KzzIUhFc0F4WYLlyUoGCVJRiMG3GCLXVXc6P3d9D73V03GUoU0f7TwA6VZs57eqGaIPEKtguq7q9bqAYD-KBgTVtAu4CIKk1d88luZCiEN7XgM3xos-AYC4aZkK2c2Q06NQaM-iazc4IeJe1MmUvksNalPS59eXqcODWxlhGQRlMPiQIgFWeMVzeNKcxpFAhdA9ouSJPjDP4M7SajvTjvftXUZn6gTqAPsGvb2Uo8B2slfGFOQ-HjjRAjG87d7VnGE-IaZU0_X7s3Ytq_P5vrhmMyD7U57Mrgn3g30dUClaaW9i0Dhv7R_Q_WgmCYIkM4lOES3Cf2CXbgYdO7Lt6FNfJR3F280I5gAJBBX63u9PyocTn98VyxRJRG4RU4NOxEi6pzmiMvBcEwg&cid=CAASEuRokENdEFaOQwUZ__L81F1PRg&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:08:53 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 92B1 23 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 15:07:58 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FBD 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 115018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E6B 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 115018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.js Show response
static.vidy.com/0.38.5/ 767 KB
246 KB 36ms
17ms Script
application/javascript 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/index.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151626
age: 2156790
x-guploader-uploadid: ADPycdudrbLalRfpktf0avHg99gbjC-Zvg4GfuY7C6WRWkcF6Bl_jA2LRWjf-5fmoiZKoD117_FcXgs6tKnVkdDenG4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"adb6bb0bddb9236e076354be09c1d8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=vk2y4g==, md5=rba7C925I24HY1S+CcHY3w==
x-goog-generation: 1632151645319398
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 785503
cf-ray: 69e9fbc7bffb4401-FRA
expires: Tue, 20 Sep 2022 15:29:03 GMT

GET
H2 200 me.html Show response
connect.detik.com/token/ Frame D1E0 288 B
388 B 833ms
219ms Document
text/html 103.49.221.173
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.49.221.173 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-173-221-49-103.detik.com

Software

Tengine /

Resource Hash

4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: connect.detik.com
:scheme: https
:path: /token/me.html?autoLogin=1&clientId=10166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

server: Tengine
date: Fri, 15 Oct 2021 15:12:04 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Cookie
serverloc: dc2
content-encoding: gzip

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1

43 B
894 B

20ms
20ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09D1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWmaQ.1.luq5nznXE4guJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2

43 B
894 B

33ms
32ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Oct 2021 15:12:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGirAPIDRM3CvUcC0XdW4bk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 09D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1

43 B
1006 B

13ms
12ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNzp-bQBMAE&v=APEucNVUEbA9vTP01iAdMaP4T8l2HijdJ3kYx7xyWlVg-RV5nwi9uot-qT9l-ywlcc6Cl-DzqQ_ySVouBWejVfDIPmr7U3nQLcenCtkA501CZ4GmoVsDdTWY0v862Jj07FMNi75S-_yf_ihQ_KAR32x237sobZzNDJqH0nc_bl2VchcFh4Z-Nh4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 260e9b8a-57fd-4cb2-9834-bc77a92a8f66
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAFBv6UHhrlNHXT-nl34K_Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09D1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

170 B
188 B

21ms
21ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:03 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 564f2ffd-2f38-4cfe-961a-8794f4abbd97
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2MjE4NTI0OTk0OTk0MDg5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 montserrat-bold.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 208ms
207ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-bold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-acac"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 44204
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 opensans-light.ttf
cdn.haibunda.com/fonts/ 36 KB
37 KB 241ms
240ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-91d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 37336
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0895
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQNjItMVotQVE5Rg==&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k6oDpYmOEEfcd1N5knHEbQ6_U

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQNjItMVotQVE5Rg==&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k6oDpYmOEEfcd1N5knHEbQ6_U

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQNjItMVotQVE5Rg==&google_push=AYg5qPIsxnsBl674cjcbhFgnLWA2NCJ3SpqygvFjqbXMFHbyy7I9ozf4Fd3lYZ-CMo6LFieBu4k6oDpYmOEEfcd1N5knHEbQ6_U
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0895 0
12 B 21ms
20ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlSrcorbu4xbIxGUszs5fnx0s1bFq1

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/ Frame 98CD 36 KB
6 KB 43ms
16ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 5616
date: Fri, 15 Oct 2021 15:12:03 GMT
expires: Sat, 16 Oct 2021 15:12:03 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 18:40:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92B1 0
24 B 52ms
50ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJuftVRSYd2GP-VMTv4H-XmBjf9GEy9TXaQT53wO_mhj_UogJLiYqcmZcqhN0a1N2LqGReO7Nb_Iuw7fG_6jaQygWh6brTtCD9VVNshp_JyKS9iMNQ0-AOOZHMw4RZhQapLr9mSltHDEw9p_QaGq2z0sUCVRdBwRBTMHGnufnXhWh4uswbXAQjugUL-vdW4Ya_8R55Iyhr_VayoSpZ345-1BhjTuvy8dOIaMYxPb24jcN0bc_8ejlKMxvW0mMG-Phc_0o4voSndSuQMJkUAMZhr4JUFyB3iAp66yTk0h2IC80x_yC3vZpVWRrRTHaHYt_PP9MEU2uQLdhn5PvSh47WNqMxjTVeufBPi7m5kjU-VTuB3kykv8qgqkzMAtsqE8iSUZ0bvbjilSCIit11QNlmbfe7haelirP9IqpuW9DsD3IhCwhbUXiLnfsMcbeQos7gc7q4fry1P-reu2zHOQn02paHVnNX-qjjJsMFp-P3mdLfjKv1JTs8aPVapLzt2_8D4K3Ooe-Ml0j_Www4cQDS1Juh4jxmO6SRrLvR20UU2vuyH-IYIoFa4W13wqVDXZO22K7t4GOlCjlzn-KSF84zL0mUlD6m-DzGL_cQQqUytiwYpoA-7dSYSv4rf3oewCqg-Gqlq_3ORLj7TCmsg2QQxm2aEVzWkz04vYJkibUtGVSdY8EPYoPAE_p8VpvFBToChv79En-E9fOOPxKp8U2lgFfpdja8bM3sLiy5SpNj6wLTBsh9tsFcTSqB9Jc5Ud5UPZH_p2u1lT6fvDLxgo_wg3ix2qPDYLs3TdozxpnS_sMQ-oysI9rcOTAPqQzXZf17uF16-SpX-3fLDEm12WwZ2jXo_jhTLHR3h3xxmPri1VIbmSilKexMe4LYFr_V6n3G7f_fCyk4Lk13snvXBJESPaOaEi9OUOFxv7U4v4wf9dY5FfduIIStxn2ub9K4jJ0y4a_bMABNiIr-whaVWkkbtHZjMKfvk8KE2hVMchPrbwpERA7w-38Ew8sdbrfx4aNRXEa89fJDH8e3RXJDUuBlILLMD_zrTkIaj4Nz6wAGUlkvQ-SxvaLK-YQHzlQfwjaBXK9Q4IJpRG-eWsSk03Muql6h_DiQbE4v-NTs8ou3NXmOD4xZsRjBTmIiq2Lj12BIfos1D4gGYFtpFBorjYt695fRtVIC_R4FtV6FFgw9SuCtUjN-OlHMwTTzCfLsGs_HUdrbbsimO_4i&sai=AMfl-YRHL6OHWKsCRVpQcm8wBnFNRqQD1Osn8bnzCyyvuvS4MVfOevYXubvAED4wIaXrwbuBJMLMhXImIj4mcUPJQbneurXUgjIpYDzL2ta-BXRDR8QiNabIPWTUNPJNlO1YoLXjDpxo1ASBAm7A_YuDoKqQ0ARIow&sig=Cg0ArKJSzPITuGYfTPBFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=55&cisv=r20211013.06289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 15 Oct 2021 15:12:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 92B1 43 B
1 KB 117ms
19ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=23798292&extPm=379483356&extCr=14809544370&gdpr=&gdpr_consent=&rnd=882148549

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Gelsenkirchen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 15 Okt 2021 03:12:03 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 15 Oct 2021 15:12:03 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 92B1
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr...

42 B
967 B

39ms
39ms

Image
image/gif

54.77.217.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr_consent=

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.217.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-217-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-03e0f6c8e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Uq4xAdffQL0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-0cd393dcb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Y6hzXwbpSPU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=314410524&d_campaign=26570076&d_bust=882148549&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 92B1 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A526 1 KB
783 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 14 Oct 2021 21:06:15 GMT
expires: Fri, 15 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 65148
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
111 B 228ms
228ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed1
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69e9fbc80b664e8c-FRA
x-xss-protection: '1;mode=block'

GET
H2 200 montserrat-semibold.ttf
cdn.haibunda.com/fonts/ 44 KB
44 KB 231ms
231ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-af50"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 44880
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E3C 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 14:24:06 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4E3C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

61ms
8ms

Fetch
video/mp4

2a00:1450:4001:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2D0E0DC3A9202C9557F95E7A58F47D449E0E0014.0B0CFCC34A8AB609ADA4522A8D9A865E7BE1E1F3/key/cms1/cms_redirect/yes/mh/ZC/mip/2a01:4f8:a1:1a1:86::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1634310303/mv/m/mvi/1/pl/42/file/file.mp4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:12::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:04 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
Last-Modified: Fri, 20 Aug 2021 15:16:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Oct 2021 15:12:04 GMT

Redirect headers

date: Fri, 15 Oct 2021 15:12:03 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2D0E0DC3A9202C9557F95E7A58F47D449E0E0014.0B0CFCC34A8AB609ADA4522A8D9A865E7BE1E1F3/key/cms1/cms_redirect/yes/mh/ZC/mip/2a01:4f8:a1:1a1:86::1/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1634310303/mv/m/mvi/1/pl/42/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 ajax-loader.gif
cdn.haibunda.com/css/ 0
0 216ms
216ms Image
text/html 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.haibunda.com/css/ajax-loader.gif
Requested by: Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s2-172-242.190.203.detik.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 left-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 217ms
216ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/left-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static8
cache-status: MISS
etag: W/"5f72e311-451"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 right-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 218ms
218ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static8
cache-status: MISS
etag: W/"5f72e311-449"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FBD 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 09:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 09:47:24 GMT

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E6B 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 09:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 09:47:24 GMT

GET
H2 200 settings Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/ 393 B
376 B 33ms
23ms XHR
application/json 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/settings

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 69e9fbc8ba294401-FRA
date: Fri, 15 Oct 2021 15:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 83
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=300
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0F8B 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 115018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B29 23 KB
9 KB 9ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 14 Oct 2021 14:24:07 GMT
expires: Fri, 14 Oct 2022 14:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 89276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 11 B
107 B 244ms
243ms XHR
application/json 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=1800
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69e9fbc92c314401-FRA
content-length: 11

GET
H2 200 iframe.html Show response
static.vidy.com/0.38.5/ Frame 9D8A 170 B
451 B 16ms
16ms Document
text/html 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.vidy.com
:scheme: https
:path: /0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-type: text/html
x-guploader-uploadid: ADPycdvYWaFnAxe3Go3MjHYlm7IKBbvZ6BIyOk1Ln01hj3JYobwmX4QUfDmZ07uLpTdizB91KtM8FDCGcSeTCb87G3s
cache-control: public,max-age=31536000,immutable
expires: Tue, 20 Sep 2022 17:33:34 GMT
last-modified: Mon, 20 Sep 2021 15:27:28 GMT
x-goog-generation: 1632151648524711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170
x-goog-hash: crc32c=L2PN0Q== md5=30+26Rimyfs6gQOLghFtrQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type *
cf-cache-status: HIT
age: 2151510
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69e9fbc93fe3324c-FRA
content-encoding: gzip

GET
H2 200 embed.min.css
static.vidy.com/0.38.5/ 159 KB
36 KB 21ms
21ms Stylesheet
text/css 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.min.css

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2154728
x-guploader-uploadid: ADPycduqPyFVIKfV6T2GZ1bIAPmDPlp2ZhweBT_GW16mAfK2oePo4NC7dH_-XFP8-SJ7VULDW8zmBhQbogoLo1L5Nno
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:27 GMT
server: cloudflare
etag: W/"d625cd0dcb9328385d986851871fcde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=LJbN1g==, md5=1iXNDcuTKDhdmGhRhx/N4w==
x-goog-generation: 1632151646968836
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 163315
cf-ray: 69e9fbc93fe4324c-FRA
expires: Tue, 20 Sep 2022 16:39:55 GMT

GET
H2 200 alive Show response
api.vidy.com/ 2 B
94 B 18ms
18ms XHR
text/plain 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/alive

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 3879
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69e9fbc93c744401-FRA
content-length: 2

GET
H2 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/ Frame 98CD 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1741
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 18:40:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 16:58:42 GMT

GET
H2 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 98CD 109 KB
37 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 10:51:53 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 98CD 59 KB
22 KB 34ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 390780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQoYYpQ4ZVlTtog4RjCpOMHFJIJ%2Fx1PUUdrFnry%2FY2kG6UhuIAp4bSLLHSKEF54aDwacxs9SdHx5SvtxsDLsnpKg%2FbPchSmXcO3OcEPU3ESvQY1WWD5GVCroP0VJmlB0aGw3gs2q4g%2BUVee8tOLU7OSb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69e9fbc9fc834ac2-FRA
expires: Wed, 05 Oct 2022 15:12:04 GMT

GET
H2 200 ilustrasi-anak-takut-tidur_43.jpeg
akcdn.detik.net.id/visual/2020/07/30/ 23 KB
23 KB 217ms
216ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/07/30/ilustrasi-anak-takut-tidur_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

062991d895f715aad3e5d0726af0963f895d6458e329f33bc5c446191950ca37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"d45f09650a20283c020380625cdc371461a55231"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumbnail-vod_43.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 25 KB
25 KB 441ms
441ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/thumbnail-vod_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

7a407233040aae63b18079d8e270ac73987427ac068a3ebadee3f176b73bebb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"c7410401b517efec4bd8ebda8d5cacfe48055ecd"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pepes-tahu_43.jpeg
akcdn.detik.net.id/visual/2021/04/29/ 33 KB
33 KB 441ms
441ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/04/29/pepes-tahu_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

62b57202462584e34407a29526c1a8c61d2b70d40c46f2dc4b805e057622195d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"2b6b1082b5efb8a28665d8f91f0228a8068d99dd"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5ad4b128bee190d5b762e7601bd40399.jpeg
images.detik.com/community/media/detikconnect/2019/6/10/ 7 KB
7 KB 850ms
193ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2019/6/10/5ad4b128bee190d5b762e7601bd40399.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"070214d212805fb8cc87ade1b019c490e1fb8cff"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ed9c1e05b1011a2d613daffe3881570a.jpg
images.detik.com/community/media/detikconnect/2020/9/3/ 8 KB
8 KB 850ms
193ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/9/3/ed9c1e05b1011a2d613daffe3881570a.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"3d95b4a2e815081ac921a748f884904ef83e6c5d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6bcadd65ddca5022b2642cee6f7144aa.jpg
images.detik.com/community/media/detikconnect/2021/5/10/ 7 KB
7 KB 1043ms
387ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/5/10/6bcadd65ddca5022b2642cee6f7144aa.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"52e5ac4aac19a050a0f46335ed4c216fc4416462"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6b9fd8d81a98f06906b9d2816204f542.jpeg
images.detik.com/community/media/detikconnect/2021/9/27/ 8 KB
9 KB 1044ms
387ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/27/6b9fd8d81a98f06906b9d2816204f542.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"e37ec18e2fd7a184acbfaf2b30891b7f28038966"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 86b1e3261456913bd43af15c131becee.png
images.detik.com/community/media/detikconnect/2021/7/28/ 9 KB
9 KB 1044ms
387ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/7/28/86b1e3261456913bd43af15c131becee.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"55b98ae6b531b04d3d48a89af72b82ee7bdfb38e"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a770264d95ec2894a075fe8d6ef92d13.jpeg
images.detik.com/community/media/detikconnect/2021/9/1/ 12 KB
12 KB 1043ms
387ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/1/a770264d95ec2894a075fe8d6ef92d13.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"15915358813f060d7da914c8be5e093e829dd148"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: MISS
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 466dbe57f8e363aabd1a9b50a7c91dba.png
images.detik.com/community/media/detikconnect/2021/8/27/ 106 KB
106 KB 537ms
536ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/27/466dbe57f8e363aabd1a9b50a7c91dba.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"854d875fc634f18d21b52184cb9a221e5f744288"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 38a36b0c70b63b95a3647df21c9f1d7f.png
images.detik.com/community/media/detikconnect/2020/10/1/ 10 KB
11 KB 537ms
536ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/10/1/38a36b0c70b63b95a3647df21c9f1d7f.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"3fca812151aa290461d41b4eb4f8765c63874370"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 62c4fd5303d433a0c16c7cfc99710ad4.blob
images.detik.com/community/media/detikconnect/2021/8/13/ 6 KB
6 KB 723ms
722ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/13/62c4fd5303d433a0c16c7cfc99710ad4.blob
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: 621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"cd19d9d478b9d0482c921df7a91e5e41836d0163"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b89e7a1fbe0b81ddbc520461da363466.png
images.detik.com/community/media/detikconnect/2021/6/14/ 8 KB
8 KB 723ms
723ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/6/14/b89e7a1fbe0b81ddbc520461da363466.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static1 /
Resource Hash: d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"77ece11e8745a3b41c3c2c4a913547a7d98d6539"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pangeran-harry-dan-meghan-markle-di-new-york-city-3_11.jpeg
akcdn.detik.net.id/visual/2021/09/24/ 30 KB
30 KB 646ms
646ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/24/pangeran-harry-dan-meghan-markle-di-new-york-city-3_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

cfe3d8a127cc58c12430d097689951143872bd51b3af429e5d68699d86eb13ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static6
cache-status: HIT
etag: W/"c1790226d3c6ed5452e4a5afda6b00b2215b9984"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aliva-aulia-suud-2_11.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 74 KB
74 KB 819ms
818ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/aliva-aulia-suud-2_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

2300d0340b4099a5708c37b443923f46881ce5d39c851a3b3778730300bb962d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"f96ef0ef500751b04da9a4570fae45d3553b65c9"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-pramugari_11.jpeg
akcdn.detik.net.id/visual/2021/09/01/ 31 KB
31 KB 819ms
819ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/01/ilustrasi-pramugari_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

d0380143580595e4b3207fec88e571c2b607221931fcc86b925cd3da706f1001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"fa1bff903b720d4e707502ee0c328f70cbcef274"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-anak-takut-tidur_11.jpeg
akcdn.detik.net.id/visual/2020/07/30/ 44 KB
44 KB 819ms
819ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/07/30/ilustrasi-anak-takut-tidur_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

e00dbc7b40e47ff722a89c0eb223876375b5d0688131847429eceb6d836e1fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"24183937ef814f271596dfc82a6720aec016c818"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pepes-tahu_11.jpeg
akcdn.detik.net.id/visual/2021/04/29/ 53 KB
53 KB 819ms
819ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/04/29/pepes-tahu_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

ef26d7d9512775cbf75eadf994f976b42a2a5d3d39f8f16c28a9f31533a374eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"893f02b1ff78d751cc0cccb6d2afbee83a5e3cde"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A526
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtZHx35UaIZSHUun7N963N4C0rHF_Z6AY3qj1_znJiIb3bBGxpHu81Fw86n2DLcTw3r_tXwG1_pTrUFTHnakh_QaknZhiMrA

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vlKalAMVS2Oy-Vub0t5jaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLtZHx35UaIZSHUun7N963N4C0rHF_Z6AY3qj1_znJiIb3bBGxpHu81Fw86n2DLcTw3r_tXwG1_pTrUFTHnakh_QaknZhiMrA
date: Fri, 15 Oct 2021 15:12:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A526
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAwkuywXKsSUXunMzkP_E24&google_cver=1&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsce...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQR1otMUotNkdVRA==&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsceg0kdotfheJOvWEdB-7yxNkgtuoA

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQR1otMUotNkdVRA==&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsceg0kdotfheJOvWEdB-7yxNkgtuoA

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTSUVQR1otMUotNkdVRA==&google_push=AYg5qPJ68G41HtrB14xDLliHpNOQoIAPRowQqpEo9SrvT12WX_2nD0PaOTosLp8Ds3I9VDKBsceg0kdotfheJOvWEdB-7yxNkgtuoA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A526 0
12 B 17ms
17ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4xVh8KNnJ2KZ3MghLcDQVAgI5a5ZfoRwa5U8

Requested by

Host: a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
URL: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 206
Partial Content file.mp4
r1---sn-4g5lzne6.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665846723/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4E3C 869 KB
870 KB 327ms
9ms Media
video/mp4 2a00:1450:4001:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:12::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 15 Oct 2021 15:12:04 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-890171/890172
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
Last-Modified: Fri, 20 Aug 2021 15:16:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
Expires: Fri, 15 Oct 2021 15:12:04 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.vidy.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:47:17 GMT
x-content-type-options: nosniff
age: 282287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:47:17 GMT

GET
H2 200 montserrat-400.woff2
static.vidy.com/fonts/ 13 KB
13 KB 32ms
32ms Font
font/woff2 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-400.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtP5vmQy8xxvTVMvbNvDElLPS2adG4Gm4jLPNDw49h1uSRlKI2Np6mYOYx2vH9HTqFiZZBIFW5IpAgOd0vP6_o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "cdd5aad3fd6aaa1b80d5119924cd0d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=QsfZfg==, md5=zdWq0/1qqhuA1RGZJM0NUg==
x-goog-generation: 1565990312626694
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age= 31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 69e9fbca98464401-FRA
expires: Sat, 15 Oct 2022 14:12:13 GMT

GET
H2 200 montserrat-300.woff2
static.vidy.com/fonts/ 13 KB
13 KB 22ms
22ms Font
font/woff2 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-300.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2809521
x-guploader-uploadid: ADPycdtpu-47wlgDNNfzLwkYhCYtIWMAhcZDbGYHRXtihB22sPu9Nfk0k0jvMvVtBXpMfukBl1ubb3h9S4fXeaYUeog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13080
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "de24050b75ebfbbd133cdc9b72c42f27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=Lybbjw==, md5=3iQFC3Xr+70TPNybcsQvJw==
x-goog-generation: 1565990312627687
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13080
accept-ranges: bytes
cf-ray: 69e9fbca98494401-FRA
expires: Tue, 13 Sep 2022 02:46:43 GMT

GET
H2 200 montserrat-500.woff2
static.vidy.com/fonts/ 13 KB
13 KB 23ms
23ms Font
font/woff2 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-500.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15153029
x-guploader-uploadid: ABg5-UzOqhLUP_9ur2htVQrfGt_O1AY2rqSezeyTDNOR-B3MvoBlkCmclWRkqYIUlnRH5-1HCYEbV1Mwi-FE9w48Zd8Mc_fMyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:31 GMT
server: cloudflare
etag: "99b4803ab7e53e3d5c2db534a3828caa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=VvdztQ==, md5=mbSAOrflPj1cLbU0o4KMqg==
x-goog-generation: 1565990311428633
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 69e9fbca98504401-FRA
expires: Sat, 23 Apr 2022 05:19:02 GMT

GET
DATA 200
OK truncated
/ Frame 92B1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20607a9c8488626397e8fe2ecd43ed0bc55c0fd9506a21fd79d21dd85eadb7fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 943C 116 KB
39 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 20:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 20:53:35 GMT

GET
H2 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 5642 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 03:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 03:32:47 GMT

GET
H2 200 embed.iframe.js Show response
static.vidy.com/0.38.5/ Frame 9D8A 23 KB
11 KB 19ms
18ms Script
application/javascript 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.iframe.js

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151636
age: 2154728
x-guploader-uploadid: ADPycdscVe-GmHSZ5yCKDOP4yy7whBGTSTGupTxY9hSFrdRchZ_gIk3MU5XJcFhN8TYKYtex7TvtL_awGidl9L5v3wI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"45a6ee3245fe51114660172b9c7f7876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=yhA8bg==, md5=RabuMkX+URFGYBcrnH94dg==
x-goog-generation: 1632151645266389
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 23957
cf-ray: 69e9fbcb0a2b324c-FRA
expires: Tue, 20 Sep 2022 16:39:56 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92B1 0
23 B 44ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJuftVRSYd2GP-VMTv4H-XmBjf9GEy9TXaQT53wO_mhj_UogJLiYqcmZcqhN0a1N2LqGReO7Nb_Iuw7fG_6jaQygWh6brTtCD9VVNshp_JyKS9iMNQ0-AOOZHMw4RZhQapLr9mSltHDEw9p_QaGq2z0sUCVRdBwRBTMHGnufnXhWh4uswbXAQjugUL-vdW4Ya_8R55Iyhr_VayoSpZ345-1BhjTuvy8dOIaMYxPb24jcN0bc_8ejlKMxvW0mMG-Phc_0o4voSndSuQMJkUAMZhr4JUFyB3iAp66yTk0h2IC80x_yC3vZpVWRrRTHaHYt_PP9MEU2uQLdhn5PvSh47WNqMxjTVeufBPi7m5kjU-VTuB3kykv8qgqkzMAtsqE8iSUZ0bvbjilSCIit11QNlmbfe7haelirP9IqpuW9DsD3IhCwhbUXiLnfsMcbeQos7gc7q4fry1P-reu2zHOQn02paHVnNX-qjjJsMFp-P3mdLfjKv1JTs8aPVapLzt2_8D4K3Ooe-Ml0j_Www4cQDS1Juh4jxmO6SRrLvR20UU2vuyH-IYIoFa4W13wqVDXZO22K7t4GOlCjlzn-KSF84zL0mUlD6m-DzGL_cQQqUytiwYpoA-7dSYSv4rf3oewCqg-Gqlq_3ORLj7TCmsg2QQxm2aEVzWkz04vYJkibUtGVSdY8EPYoPAE_p8VpvFBToChv79En-E9fOOPxKp8U2lgFfpdja8bM3sLiy5SpNj6wLTBsh9tsFcTSqB9Jc5Ud5UPZH_p2u1lT6fvDLxgo_wg3ix2qPDYLs3TdozxpnS_sMQ-oysI9rcOTAPqQzXZf17uF16-SpX-3fLDEm12WwZ2jXo_jhTLHR3h3xxmPri1VIbmSilKexMe4LYFr_V6n3G7f_fCyk4Lk13snvXBJESPaOaEi9OUOFxv7U4v4wf9dY5FfduIIStxn2ub9K4jJ0y4a_bMABNiIr-whaVWkkbtHZjMKfvk8KE2hVMchPrbwpERA7w-38Ew8sdbrfx4aNRXEa89fJDH8e3RXJDUuBlILLMD_zrTkIaj4Nz6wAGUlkvQ-SxvaLK-YQHzlQfwjaBXK9Q4IJpRG-eWsSk03Muql6h_DiQbE4v-NTs8ou3NXmOD4xZsRjBTmIiq2Lj12BIfos1D4gGYFtpFBorjYt695fRtVIC_R4FtV6FFgw9SuCtUjN-OlHMwTTzCfLsGs_HUdrbbsimO_4i&sai=AMfl-YRHL6OHWKsCRVpQcm8wBnFNRqQD1Osn8bnzCyyvuvS4MVfOevYXubvAED4wIaXrwbuBJMLMhXImIj4mcUPJQbneurXUgjIpYDzL2ta-BXRDR8QiNabIPWTUNPJNlO1YoLXjDpxo1ASBAm7A_YuDoKqQ0ARIow&sig=Cg0ArKJSzPITuGYfTPBFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=597&vt=11&dtpt=539&dett=3&cstd=55&cisv=r20211013.06289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F8B 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 09:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 09:47:24 GMT

GET
H2 200 Gordita_Medium.woff
s0.2mdn.net/creatives/assets/4222634/ Frame 943C 57 KB
57 KB 11ms
10ms Font
font/woff 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4222634/Gordita_Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a998fa67909f2455e06ae31863167225ca4544e5fe05bdeba0d0de40c92eb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:11:29 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58300
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 07:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 15:26:29 GMT

GET
H2 200 CASans-Regular.woff2
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 5642 22 KB
22 KB 9ms
9ms Font
application/octet-stream 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1753477455059412092/CASans-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:10:29 GMT
x-content-type-options: nosniff
age: 345695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22424
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 10:59:47 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:10:29 GMT

GET
H2 200 CASans-Bold.woff2
s0.2mdn.net/sadbundle/1753477455059412092/ Frame 5642 22 KB
22 KB 11ms
11ms Font
application/octet-stream 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1753477455059412092/CASans-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 10:52:28 GMT
x-content-type-options: nosniff
age: 447576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22700
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 10:59:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Oct 2022 10:52:28 GMT

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B29 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 09:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 09:47:24 GMT

GET
H2 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 98CD 33 KB
33 KB 11ms
11ms Font
font/woff 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:05:43 GMT
x-content-type-options: nosniff
age: 381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 15:20:43 GMT

GET
H2 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 98CD 27 KB
27 KB 8ms
8ms Font
font/woff 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:57:08 GMT
x-content-type-options: nosniff
age: 896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 15:12:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 98CD 6 KB
5 KB 47ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0807ebf229c5b694ea8260b110ebbc18f3f6f9073f113f66127f1fa0fe6a22ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4579
x-xss-protection: 0

GET
H2 200 skyLogo_300x250_2020.png_1621952972643_skyLogo_300x250_2020.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 98CD 9 KB
9 KB 11ms
10ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/skyLogo_300x250_2020.png_1621952972643_skyLogo_300x250_2020.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2544f04aed16a754b4c8198ae0cf980587519e858da56360dac423739b4bc504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:08:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 14:29:40 GMT
server: sffe
age: 345823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9410
x-xss-protection: 0
expires: Tue, 11 Oct 2022 15:08:21 GMT

GET
H2 200 blank.png_1621952972643_blank.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 98CD 95 B
367 B 11ms
10ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952972643_blank.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:14:57 GMT
x-content-type-options: nosniff
age: 334627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 18:14:57 GMT

GET
H2 200 DCO_Residential_300x250_WW84_1.jpg_1627307050136_DCO_Residential_300x250_WW84_1.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 98CD 54 KB
54 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_WW84_1.jpg_1627307050136_DCO_Residential_300x250_WW84_1.jpg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee78c792f3017fd9c54a5182c91273db443a5c07b9cd4232c33d9627a81a77c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 08:57:39 GMT
x-content-type-options: nosniff
age: 22465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55645
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 13:44:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 08:57:39 GMT

GET
H2 200 DCO_Residential_300x250_WW84_2.jpg_1627307050136_DCO_Residential_300x250_WW84_2.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 98CD 67 KB
67 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_WW84_2.jpg_1627307050136_DCO_Residential_300x250_WW84_2.jpg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4140952397d12af4dc5a2b85e212cdd09cb159c14f15a82bd2dceee9ba173e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:33:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Jul 2021 13:44:25 GMT
server: sffe
age: 373144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68204
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:33:00 GMT

GET
H2 200 DCO_Residential_300x250_WW84_3.jpg_1627307428545_DCO_Residential_300x250_WW84_3.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 98CD 15 KB
15 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x250_WW84_3.jpg_1627307428545_DCO_Residential_300x250_WW84_3.jpg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67605ae85f47f96b5d88ea87931d05b6719fa10970505dc4809811e189633423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=ubhVkuKPO8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 08:57:39 GMT
x-content-type-options: nosniff
age: 22465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15540
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 13:50:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 08:57:39 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E279 0
23 B 44ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux-4HlMRaxVqdnDO1J4O-kR5rDp9cm3uBlIZicvsYR549dnvulFVJF5cvselIQppHP0OgJIXTAhqXIy-oMcv47Yk7gk1YqmFGqUr1nNaHj5wGrWfpOjdixIkHTzCZ7pn6A_d71EoG03Hb4K_FLZdiTo2ILinRodgY65xmHbN04pGfPO9plZtdW4f4UI9iIGXf3AxQUGGbt_bArEl3fuN6vGo8tH2pVH5u3Cbni2ROtOGuhKFVmcAPJyZMnfAyouydfqAwYQZzOomjwlvSw_UAi6D73vp4CEIW1m0N6w8epI7_pbsiU6ULoNeP6Ow4-1XlWwl9d3IN_Ntk04EeoUQmNfbYknK3pvUDm9bukX__FsmkSfmzx_HePM2MlP-BCLhFBFvLBm9mfI1ZemDf34fkqO1ITIHDNYR17fkF78fUx8T3jvcBi7gCfs5dWcSolwWwavoYogmcNMcw01yu2IzjrT5tkJhqIMFjI31Xk44I_vbKOvzWwDuifC3W5C-xUJ9omqKRdEscc33OfhHGGhlXA-Gk3IJ3U76KxHc7L8ad8APf4qu8DR0IGnC6psefcTyGxN8BM58PrAHeH9E1U0g54HOff5_dVNXNI5iPLZI6yUqB47vTu8pJcSQW4zrO_427pZ3_hDWQHQ0cPLj-h9ZyNY2E3nyF91AIUNeN1RoRUnyV0qqKAc5wx-tanAtSW9e40Pk2uatajgpmGIaTATbiMjiIPvRGEgYEq8AmqQikVJeOhRf8rsz22puihQnSN6oexDX-MdCfwQMz99rsnbnxIOJQuWPkbH_y6ZPqEK2NrBfgzqYaNbBTyDPL4nObD4SZXCRMUz7xIm741D5dMU9W0NsbZCWkh6p2NBriMQmyzH_44PEGIH_cQXTqe9dADpz6ocqPVyQa1-v35DOw57y0K5VTd2zXRH0sGyCByobSHmVXAvJV62R9gCmyFwI_ttrUhx8iqkEY2s3ROIolDpWNrYOlbBnvhHXNBzpbBA4yVuekX6dK5uwgPZgZ1IP3TywZbA2FMx7E3c3y1TFZZIulg-sqBQkjMbaVNasPeDx8zV0u_eueibWDe2hJqbdlwa2M4FTY35NrJvr44uYuKaxT490rwp2dGb_gLDxEVCUgFeZcpj9WGTFy1RVjGz9YLR4OTUuM2VVZPHeIjMUNR2bo&sai=AMfl-YREsvSSjwvzjfoeTcXtW88dwd7dw1vQUqwUowIP06iPrrr9C8V_XlMFY83VhuzcYVJn2WHNnaK5hO6suW_D5djs0RNKitiLlsEag5jUXEbn_f-CggpNZtb0y-aGjgerVFOCObt0oZD65vTYTRlhJJyrRyFnWQ&sig=Cg0ArKJSzK-2Axp4qdhDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1035&vt=11&dtpt=766&dett=3&cstd=264&cisv=r20211013.17251&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 201 events
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 0
0 1440ms
1440ms Ping
application/json 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/events?uid=kcckddnc.tcx0cxd5o
Requested by: Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CE8 0
23 B 45ms
44ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue-AkIk427azjRZHwzpG6ixLRUGbCp0ALBBD7dLod3-pCemjd4KefCoUc1vD1bktYaZOUWBMt29ukGuUKuihjDigsz3p3lEtJcwTzDOBWKALWZqlVM_hOFzJGsetL30ApCsVjtx17GoEZoo3TAatR3UxYEdcK5F-BgNCaffVoB2w0r09d6jt1iWuLXJBWGr2Ys7Uj3AqvNJ8gaE7pVGSx9yLyZhFAxgmRVZUsYrjJABtTQBKdY8rnKF6ng6AvFo_W3E13IydXnCg4Cs7LavK5efP0C1kU4uePdgpxYwy1DBwzACIC0rJ5mOChJ2nFOBdKk3GLu51po6mZ2MrX03X3KkTtvBAdSCpluLPHzGIaFDQY6mxyaoO3sOg2xmjtEVw1n_v6sziEBPzMAtty56FuIVhpGZf4-qBwpeYj3AhSVOtD0PKZFmO4qwvGdxz4P0ZWPboszTLc7TwobjL4yadR_IJ1ojn3PxLE_00eZAGljhjHrZBLSjejxZfTl8cFetYjQN0COAK7GQCauDB5pm-4HgylhfpiTv_kB_olnyN7UZn2EFRGiRGAFZ86KstSFfWvub1YeIaemL8CgIBzjFMRmQ7oEaM-LmsaY1P_0GYOCz1QAzXJrt6_snXoLWnfl0ElqRryCeeBZvv3XUY2yyRZ5szXYH5eWGwtuYttTdf9WpjXMG1qJfRPfQF3YbWuLWr5Yn0UU3ZUmtoGMM8QtciqI2fH71A3k17Y_HA-iDvshgGG7ly5ZhZ1TKvXIgeMbRhqYtYH2UrT2vmUKfPQEufpfQerXuQYkGBv38RsFGib7BxZeoQrDsJh8PJWJvWaKlel8I55YRk2llXLeY9h5OFuZl3Jzis6K6ng8uIZj6FMVX_1CyFS_LVpRcY6NsPX0gR6D1ZDHO2TfT5YbUlKSLpufGPn46elxuCc1VjiQlIAVXUOJFznmwThBjP-5tYfUsTOF45N-cfTJdfk3eINukam71-iCt9ktV7oEUkdG9c4NOZP1g_F--InZZxZ-N0AKQtUuFSpiap25bnK_vssxCglkE1_DrDu0NjskbMz4miDCOR1jHPoNQLvyDNUe9Enle98AYXypAlNwifmN3VKir4bzECNWh126ie6D6-BnyowYcY5aqsn97Hgb4SEEUz0tO6jN-K96WvWtA35V9O5J1s2c4uVmpm27SbLwOyxQH4e9t11sdCtTG6w9g1ZZiP8JAjg0K_yhsl8iJQtLzDryVXNp9u1aJGWFcQ&sai=AMfl-YTQ-gzUTuESfAmKF_4AeQzkjTG4PAUNlvgzDt5arJFj6sHagLGOiosq_gfeUhkPNeF4o48o6reRBK8u_s9RM3SSwaY3orWzBUWqD--F19lxAVFdJ-nDr-SDoAun5WXo3bDXdliKnCWROlLXGFMu1LfW8oXP8A&sig=Cg0ArKJSzAcGTJhVixXWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1071&vt=11&dtpt=783&dett=3&cstd=285&cisv=r20211013.90024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 texthash Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 39 B
110 B 44ms
43ms XHR
application/json 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/texthash

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df2b5affcac0081f7de54d4b0e5e3d32ff23df3d1185c2cf5ced3048ba2a623

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69e9fbcc0bf24401-FRA
content-length: 39

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 98CD 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 15:12:04 GMT

PUT
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 2 B
88 B 247ms
246ms XHR
text/plain 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=kcckddnc.tcx0cxd5o

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 69e9fbccedaa4401-FRA
content-length: 2

OPTIONS
H2 204 homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ Frame 0
0 48ms
48ms Preflight 2606:4700::6810:5c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=kcckddnc.tcx0cxd5o

Protocol

Server

2606:4700::6810:5c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://www.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 600
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69e9fbcc9d224401-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 943C 6 KB
4 KB 26ms
26ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd2ab09f5924d1506ffc801dc7e81fa191967d502f7eff33916a1d77d3690647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5642 6 KB
4 KB 23ms
23ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be1e8341bc62bd9b5f0977eebe762f4aec98f0d45ac6a1fac04fd10dfb3a4df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4481
x-xss-protection: 0

GET
H2 200 prod_studio_01_245_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 5642 30 KB
10 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_245_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 23:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10470
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 23:20:05 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CE8 42 B
174 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunW8ckiLTRkAcv1Wd5PftvJC5i-gTe4T_PaeztqKBkJjQDrV_7QxWgOjeOYdj7zmWbbySeUeyDqSS0GTjIRg9Z-GWcGgA0IdMfhGo3DH8v0h88oGc_dA&sai=AMfl-YQspXXt1b6t2D1x2mF-fx5gDn8Sj_6TEnWvMoR4ZBc6DFLW5yTqtoGzTaq_uNeinS9laOpTvbKaGepsRATpMWua0sMNtn_2QDUPaL2Zx6CwLEkWDbQI7-rHAikA&sig=Cg0ArKJSzJ85jTMVmAhTEAE&cid=CAASEuRoKN4NPy2kSWn3HrntV_Yk2Q&id=lidar2&mcvt=1061&p=0,0,90,728&asp=1110,436,1200,1164&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=528661791&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634310722996&rpt=447&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow_dot.png
s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/ Frame 943C 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/arrow_dot.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb45d69231ca469a089d1e02e19a97fad1f67ab39793555df6e3b620b4d017cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:03:10 GMT
x-content-type-options: nosniff
age: 534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 08:07:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 15:03:10 GMT

GET
H2 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/ Frame 943C 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/logo.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96acd68777c8df7495a38a36f7636256e969c874bd4ce17c92c371435345d676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:03:10 GMT
x-content-type-options: nosniff
age: 534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3283
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 08:07:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 15:03:10 GMT

GET
H2 200 60024664_20210719184830904_Sports_970x250_A.jpg
s0.2mdn.net/ads/richmedia/studio/60024664/ Frame 943C 51 KB
51 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60024664/60024664_20210719184830904_Sports_970x250_A.jpg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba530d1554c0a6de2ca25e044119aac432a2a8be1f4e4a5586b664f5d4cf458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61882027/20210908010705184/index.html?e=69&leftOffset=0&topOffset=0&c=wihlIvvNoY&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:08:20 GMT
x-content-type-options: nosniff
age: 83024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52530
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 01:48:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 16:08:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 943C 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 15:12:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5642 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 15:12:04 GMT

GET
H2 200 opensans-italic.ttf
cdn.haibunda.com/fonts/ 38 KB
38 KB 207ms
206ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-italic.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static8 /

Resource Hash

bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.3
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-960c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 38412
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 banner Show response
www.haibunda.com/api/ 222 B
236 B 216ms
215ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed2
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed2
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69e9fbcd5d2a4e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 30 B
106 B 198ms
197ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: parallax1
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: parallax1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 69e9fbcd5d2c4e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
88 B 243ms
242ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: promobox
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: promobox
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 69e9fbcd5d2e4e8c-FRA
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 132 B
182 B 241ms
240ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
accept-action: newsfeed3
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
content-length: 2
:path: /api/banner
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept-Action: newsfeed3
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 69e9fbcd5d304e8c-FRA
x-xss-protection: '1;mode=block'

GET
H2 200 icon_video.png
www.haibunda.com/images/ 231 B
437 B 18ms
18ms Image
image/png 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/icon_video.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

740ff21657f6ff1e389ad1fa52c059213e55297d1653888f767c043dfc2da1d5

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:path: /images/icon_video.png
pragma: no-cache
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66590
strict-transport-security: "max-age=31536000; includeSubDomains" always max-age=31536000; includeSubDomains
content-length: 231
x-xss-protection: '1;mode=block'
last-modified: Thu, 09 Apr 2020 03:41:37 GMT
server: cloudflare
etag: "5e8e9971-e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
s: fe-publish4
accept-ranges: bytes
cf-ray: 69e9fbcd5d374e8c-FRA
expires: Sat, 15 Oct 2022 15:12:04 GMT

GET
H2 200 image-icon.png
www.haibunda.com/images/ 716 B
823 B 19ms
18ms Image
image/png 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/image-icon.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

:path: /images/image-icon.png
pragma: no-cache
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59763
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 716
x-xss-protection: '1;mode=block'
last-modified: Tue, 07 May 2019 04:15:02 GMT
server: cloudflare
etag: "5cd10646-2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
s: fe-publish4
accept-ranges: bytes
cf-ray: 69e9fbcd5d394e8c-FRA
expires: Sat, 15 Oct 2022 15:12:04 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E279 42 B
108 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvTAieV0mosc7l_N1qVKyNHoWYxn0R9IecJSrOIDFX85iCZ8EJJ2dlc22r_ln3ggFFm3UCBycDOKvFaUobpsPMa1E8_ANg82F0m3iQ7mzeeBU8jNA16A&sai=AMfl-YRdlvEcVhV7B2-tfj6iaSpOVuiDqU16-Aaz7FOBLtzY3ytR9RahFrs9wF0BeU-KIWEu2cFqV1_eCg3NZzFtvQPRmSovlwlLaxA8xw7hgCyKKOEt5d4jIVjq9c_t&sig=Cg0ArKJSzDm7e66LYBt9EAE&cid=CAASEuRokbPvWMlElKHPtGQmJ_ZWmg&id=lidar2&mcvt=1066&p=0,0,250,970&asp=268,315,518,1285&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3438090239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634310723163&rpt=466&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5077 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B7B 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FBD 0
56 B 49ms
48ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSsPaQ5ppYZClFcmQ3gOF4qawDQAAAAA4AeAEAg&bg=!sbKlsvbNAAao6lBpqOo7ACkAdvg8WmNSEon0vcVF9wU5IAhBX_qj8cgvFKPOj5W-_nQwtlgKlR9RjgIAAAHfUgAAAFloAQcKAAp0RnDQGCkLQtIgmQMDuHOO4-Xr048nJC7oKC0oA1ACh3SlZ1stRANIn9Kd7ItktBg80zShdfT-JV2Lsy9DpW3C8ZbS0rxY_LbNBHnN6Xz8Yzpnt6fzOpA7IgjpV4UUk-WtdMhS0RvPSCWyewa03nDva9bp52brVejao4DG_83-lyDF_K8nXCxFCjW_9eH2FrG10hkQ52mHiB2HkwMhcDGHvvDyzI16w4VxFc1eMtx3AbPyMUA8N5WeC2GC5hPjstIi6YivTMSVVWqw49KVi0fRgQ0KK8RgUhHflS9H-OhZUoEy4Tq2ZyifQxZpvVmPWLdFFRSoMDrlpxr5fqp8ma6WA9mcs9795Jid4hKtKAjkMzgHEubZW66zRiMF18PFl5QlCoxxjjs67GjKlH9hpMJjdIEcxK7Nxo5A1pwc2Et8jUrngMEjsLTsattmLlSUNG9cLk_n1vu_6lkz1wfwkrxT8k55lBB1duKIsAzf_Bqp9RHUWzcKI5PTZJZ-r5GxtzVjFazhBKdLqXkcq3k1VeqQEKgsK-bObg3UhNbbtT4jlp3jkjubY7w7uiiO9dumHqOFw4NEbs1r6R2wt0sSm-bxs5jLxASrE8b0ni3EBA7iF6cXBVEyt_gfZVlZC1yWGonGc_r31CtQ6xOL_oE_WZAgEz2ueUze_YE_OwDVsrw5u91_AJshgnNiDgfrVoW2qaHQq_6CT55zHvROzHMNsXbPTiQPNVWG1hD4m-EOxUDMzRikIrRKtwrBB2udfTyj8eu24spzYK71UcOfwGeq-ID5JXM6mNluIEukiiv7rk0bCCq0hMobLyORfZSVNR5XBpgwEgP7aKdrvNw5yVf597mm-7oAonjciWEo93AyOqCm800Z5l1sfJPXB0YhV_mnoAHKMllqkKLMkR1h3aFwEw6_PRm51Nc20fyY25PYsLkrBe3XwQwYm8v4XeT5U5qQqAFpfCga0P6HECddM7YkKRO0TM0vTt5g4Z2bumjK6RFB1fotaiDiO86ldpYlYvG9gwlfv347NVP6sxuhszov6bib

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E6B 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3o4RQ5ppYdf2FJip3gOjoLDADwAAAAA4AeAEAg&bg=!gIOlg8fNAAao6lBpqOo7ACkAdvg8Wl7gD3-BKUsqz9rTOqyvJHzg7EgACDPWAYgUi2-1ZWYkfNSfNwIAAAHkUgAAADRoAQeZAwOcZX6Je77sMAlseS9k0NPyE52JXZu74E0Pnbcjoc0cSnkuJ3J4D_wtVttYFroLJNK12RqrB6RnmAReL-7B7jTzHSUAxV073Fqybc-entLcoWb70S7Unm07k9qAtc-FCjXm4pRHVPPub63sJNzGRInvSA_y86E4j_Mt2WiIBFC3tUBAfO4LQWlXD_X9rC_mWoyTwkQS1v91Qs5wrNWcJi46iOMRJuM2PduT02rMNHdKZnHV_yJmEkSK13rA4HqYHhLNaRsUJoFPJwwJCV8bV4lFo7QAnhs5CSWZ-JL-eh0fAE7Zh_ygQyne02MREi9P90NOtde9I0a3J2Jr9hppbl8zxTd5z_0KMC0f6Xhl66kWh-lQkUjNTR45mlkWkCM9AYq0vNG2MJs7xl5JvroZIygEpOVTJAm0K5th0IDP_3gIR9uJEoVWzID-U12Khyk8HGGLeeMLNCzLAB9kiAaD7q822kRRX_YOOuev2V5hoDafm7Ck4kcc9EVjj_HFMRn2ZjlnqvNJqdewuVsPkkqo1QqHXEFWLXQB2Qz4n28M_-nRdZXnIlbq8ost2QfotcmNxclpdFQAHtUk42zZ7laA7epz8Co5bQuOihpiNQs0udk2LnDv86_zD1YFOJCGw6zHoDrtvqphR6P2l-HXj8SF_Q9FlY-R-6JGkYZpGZQor2bh2iIbl-j8exjJezlRLlSeUoe-YZxti3rh96SR39ZXgglVb6tiXVzU86eNv6pp021cv0ZsWmhdS8Q1aFMaVL_AAbonvwNWa-y10qh1gEfrXIJG9z_NGMvIvSGpTJvV3NcYAU3pXAcB1A4gIH8GzpI1vp8TJJuKVIcoxfI2h94ljmo9yOX1tyXM9KMzQloHrjiE3lb1jWsiA9YUTVfxGlDYMz9WKeeRREz4QJAPye_gGYjCqWob1OhzXv4VZh9mE6nnJZPBlhJJiUtPznpvtCtDS9yrJHJKXuN5rGhtYVtDmTD7-W02Jn4wLAkwAJTA4A8LJVzuUwkUwxXFNTK1iSaN3HMPbpA

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame FAD3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H2 200 1899249190206554857
s0.2mdn.net/simgad/ Frame 5642 16 KB
16 KB 11ms
9ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1899249190206554857

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 22:00:02 GMT
x-content-type-options: nosniff
age: 148322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16398
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 22:02:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Oct 2022 22:00:02 GMT

GET
H2 200 1949322470887641419
s0.2mdn.net/simgad/ Frame 5642 68 KB
69 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1949322470887641419

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1aea2261aa8e610ebd3af70fd71329e3a4a87e3324a69fbaa7ed1b6e0f0f8e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 22:00:02 GMT
x-content-type-options: nosniff
age: 148322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70066
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 16:19:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Oct 2022 22:00:02 GMT

GET
H2 200 5231756504737337938
s0.2mdn.net/simgad/ Frame 5642 69 KB
69 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5231756504737337938

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d6a8f0f8a8692a7b97eaa4229ba2b8175f32afd45f9cd56fb17731bea2cd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1753477455059412092/index.html?e=69&leftOffset=0&topOffset=0&c=3u3Rza0AF1&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 22:00:02 GMT
x-content-type-options: nosniff
age: 148322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70277
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 16:19:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Oct 2022 22:00:02 GMT

GET
H2 200 a9089fbf-e1cf-4386-8c47-e6cd401c8e7f_169.jpeg
akcdn.detik.net.id/visual/2019/09/03/ 16 KB
17 KB 299ms
298ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2019/09/03/a9089fbf-e1cf-4386-8c47-e6cd401c8e7f_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

288ce353b2e760bebe9cac46c6b6d5f121e128ccffdc42517544fc594d58e843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"198a471e828975e217f045e7b7af2134b489af37"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pangeran-harry-dan-meghan-markle-di-new-york-city-3_169.jpeg
akcdn.detik.net.id/visual/2021/09/24/ 11 KB
12 KB 300ms
299ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/24/pangeran-harry-dan-meghan-markle-di-new-york-city-3_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

d3e3f2b49eb8ef7c08c3d597ec1516eafd811c08740da2a2760f9a0b163e7c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"f62f0bd19aea44b834fcf9d3848dd837a1b91556"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumbnail-vod_169.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 15 KB
15 KB 300ms
300ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/thumbnail-vod_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

6ca060e32aa33e615d3f02f8d264b0257fcbf955ec5b4560f04509b1cc5a4441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: HIT
etag: W/"a06b874921c83858e02cedd9b5178952dcfc07bf"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1217463785_169.jpeg
akcdn.detik.net.id/visual/2021/05/25/ 13 KB
13 KB 292ms
292ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/05/25/1217463785_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

7d353030f1ff812e11420485a87281e357bfc039400698c516cdac19d638db65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"9ce371f94818739c6532252332019e408e52eac3"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-anak-takut-tidur_169.jpeg
akcdn.detik.net.id/visual/2020/07/30/ 14 KB
14 KB 320ms
319ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/07/30/ilustrasi-anak-takut-tidur_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

ec60609c64c5ea246e9b5e117da1b1bc3f5e69e7fd22027125d699829349fd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"3ce966e45e726a3dc0cc570fcd5fe0dde978c854"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aliva-aulia-suud-2_169.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 23 KB
24 KB 321ms
320ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/aliva-aulia-suud-2_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

47fb8567d20dfbbeb1d53940062ccd9cc8d35764e5df6a969d7a588ff5bb0e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"6a93118a37b0eac51708a62600ef8976850c706a"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blackpink_169.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 26 KB
27 KB 321ms
320ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/blackpink_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

7ff69eeabed7aa65e543148adafafec8db46c5ca279389dc399cafa298969843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"bd7b9c24edecee581e9c44d667fd5bd70f61cf3a"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pepes-tahu_169.jpeg
akcdn.detik.net.id/visual/2021/04/29/ 21 KB
21 KB 321ms
320ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/04/29/pepes-tahu_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

624dab20f9449ca4b4726fbf6964156cdc5addfb87f767e22a1a4cbbf8db2dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"deb4aa278b74495935d136998e20294670b219bf"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sheila-marcia_169.jpeg
akcdn.detik.net.id/visual/2021/10/14/ 90 KB
90 KB 321ms
320ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/14/sheila-marcia_169.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

39b8971bfd7ad817fd5f71bab5ac0217849ffc26f2f1533ce17c9bc405f776a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"2cbf6578066d25056204ae214dde8a2105456e8c"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sirih-gading-1_169.jpeg
akcdn.detik.net.id/visual/2020/07/28/ 13 KB
13 KB 485ms
484ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/07/28/sirih-gading-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

f6773be178253a9418a76082a5fd8e79252ab16f9d9c0b7e1725dc2d16879f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: HIT
etag: W/"ed28ef74bfb1839b717de05f5fbddd5f97886b58"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-pramugari_169.jpeg
akcdn.detik.net.id/visual/2021/09/01/ 12 KB
12 KB 485ms
484ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/01/ilustrasi-pramugari_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

c6939b309064e38097d82b51a5dbd4ac356bb92f0d6400c6246f9f5d447a3da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"45860eabd7f2f758da2f20e0800e58eb1c13a8f8"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ibu-hamil-2_169.jpeg
akcdn.detik.net.id/visual/2021/05/10/ 15 KB
15 KB 485ms
484ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/05/10/ibu-hamil-2_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

9d0171051206a1f1d1d85cbf764906d926f49da4b2710ced06091f893912fa75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"921cb0dd428da4acd22ee11ce0766e1d83db272b"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sunrise-cantik-bromo-3_169.jpeg
akcdn.detik.net.id/visual/2021/06/28/ 11 KB
11 KB 485ms
484ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/06/28/sunrise-cantik-bromo-3_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

086b8f230fe7a6517936d1784b86487fa45b1a78b514a42903751e1ecc95d9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"d25b12128aae83fef8b26b83b088cbb7386e2f59"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ratu-bhutan-jetsun-pema-3_169.jpeg
akcdn.detik.net.id/visual/2020/12/04/ 14 KB
15 KB 485ms
484ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/12/04/ratu-bhutan-jetsun-pema-3_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

ce9a7fef432295abbcf415fc6737343fa5cbc01bdcc98da7015e4ba392c74f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"fd96242b52eb7f708e1604775ca205083727ea25"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jisoo-blackpink_169.jpeg
akcdn.detik.net.id/visual/2021/10/15/ 19 KB
19 KB 485ms
485ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/15/jisoo-blackpink_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

8532244b8ad8255bc8159aa5fede61d926557b37c85c784cbfa2d503a212fa6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"7e384eae6dd905e22fde4bd09dee9dd0117d3b85"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4E3C 0
54 B 583ms
282ms Ping
image/gif 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kusiep3b&c=7611358700786&slotId=3805679350393&qqid=CKWb7PDZzPMCFdQz4AodKHMIdg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adele-dan-rich-paul_169.jpeg
akcdn.detik.net.id/visual/2021/09/20/ 8 KB
9 KB 456ms
455ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/20/adele-dan-rich-paul_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

98949b74668c8969eb095b18ab51ca9053cf777832e41ce7f76fc4c53160742b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: MISS
etag: W/"37e08fdfe32e1f4e551ed2237241d2652be4e3fb"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-10-contoh-pantun-nasehat_169.png
akcdn.detik.net.id/visual/2021/10/03/ 12 KB
12 KB 455ms
455ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/03/ilustrasi-10-contoh-pantun-nasehat_169.png?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

2eff60b49fa897328b17d98e2c3542883ceec41facbfaba3ac49be705e67a903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"dad1fb64a8c535258e33c31c68741a43d2d753b4"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mendongeng-1_169.jpeg
akcdn.detik.net.id/visual/2020/12/22/ 17 KB
17 KB 455ms
455ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/12/22/mendongeng-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static1 /

Resource Hash

94b0a3b00491339e35e706725e0fd1cd8762507c4786e23a8c9125fdb0eaf472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"d2434feb3e7d8c59140274aaec38cdadb017ec44"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 1 KB
759 B 343ms
343ms XHR
application/json 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=3717%7C3718%7C1514&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

0b541cee55ca8bad3bff9c73619984dd6f30811d7d699b37837e79a805171440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 318ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
167 B 47ms
46ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2406292379296579&correlator=419879268906803&output=ldjh&impl=fif&eid=31062524&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=4905536%2CHaiBunda_desktop%2Cnewsfeed2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dnewsfeed2&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie=ID%3Dbfa217d499b9a667%3AT%3D1634310722%3AS%3DALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg&bc=31&abxe=1&lmt=1634310725&dt=1634310725067&dlt=1634310721153&idt=1560&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=2701&adks=3865697788&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x4905&msz=750x61&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1171546119.1634310723&ga_sid=1634310723&ga_hid=1766909678&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d96d8ed62062e9265f3eab8fc6da2b7f244a218f14867e15c3fc2637d6e41358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 401 B
702 B 622ms
622ms XHR
application/json 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=%7C%7C%7C2679&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4a99fe06bbde09b456cfa94ec2b5eeac2cbfa87d562f81326338d820c9d1b187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B29 0
56 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B7mbIQ5ppYarrMJqwzAapi73YDAAAAAA4AeAEAg&bg=!sLOls_fNAAao6lBpqOo7ACkAdvg8WhaX64rjXMw31_3AE5Y3Wh1ccbNOwld1YCIt0nKaFNmW5jrqHAIAAAIaUgAAACtoAQeZAxuJVQqTHoXHQtcIYhh-VvA1z8vC4hsIzt6YFzJJYswtqQyNDnZf5hwHaAFTdx0_d9_-AtFupUOCWyNiZyr0N_a9RqMnBz_w4RlFgV3fNMk_43SECnjWDNkOZv1hCNyE4IU2SI4w4vHU38czl0ojqiY3tGPpd1fFcqtDFWKDlufJyJ6cubnMeFTTyp2vw43TfDsLntpBX62j9LPVnvYUMCSPCBJRyiLpPP1W2s6qYpP2z38wIHKAq1lrpNqCPioKxZenumcxar-y-b531SQJ-qpIdNA2oMcjHUvrjBIV-BFNSOVYQE5Nv4mWbN4LWWBwYl24dkD8fRmNji0VtW_lCBwcvulHs6LhH4vpENusqjMZ_xBd92TUz7SgphdKDPJP3Uh_MFpDTNdR-esc_J81XunFPNaP_XhbNsqMdsHi_qR-YFxfDQdphKEpA6dKbwDwNylNKuBvnfsWEcWSGPjfqGXAxNnrJ7T8BE7dfOWVH5jICB5xmIFSUnWwdTQ84MyuT2bZ0Rt2oexfcp-j3eoArHSCh6IRAxwW0R2JsPD_x6CjStUXsZpCYTKWbHKglqJ-1F-xeB5TpiLXjfg9mdZIeFzm8PDJbFJmBACz1FLz1n13E6dgfs85mfvZR5yiyPb7KpjYkWi0yeDPqekSveOBa6DBkjT_hqgUzNyjjWxIeb3HTfDuoXucDDO6-W0zAQhTh_8q86OLlloRIdbH5Dq1yhIs8KamttlhfkSKdCzqxE_iFaU4TSYLKZy1WBoUg81Qp3cs83Qh6cGveUlii1l1cpFfBrSWSLEoTCm3ItJpfCN3hKTH4lBv7OCB7DJOKWHGWHLCYvm34M-uir0Ep_XNCMY1Zsw9zgBwAsxSK7Y8WE1ZcE9_7lfphzpbhPRTtE34ebQbyg3OaUoS_CIzItfP6fUrnieVVQLN5lKq_h9tqNuNBwhBgU2ju9iOXVVSjiUpgXdXVnwIE3y8AZ6NO2kisVQn9-kbKBbHxJLscofM5bTnC-UEM1BZbYPNIIhHjGW9n2PPHLm9bAsuS65CZRe92RY4bece1h9AbsERGcs

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F8B 0
56 B 47ms
47ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaIHzQ5ppYdv5KpmgrATzppM4AAAAADgB4AQC&bg=!QkGlQQXNAAao6lBpqOo7ACkAdvg8WhxaDmFT5hioySeS4Xucl1P_87kq8kujQw5usXrrYjbjPKCT0AIAAAJYUgAAACZoAQeZAwjQJ5Gsge5y5CwCWtN2O4OBC60yLqqgu54Uk_5BNRz_nodSMbAUifPKjbHZyQYnVypcFsx7gVYMlw1vXzMnylipS3wyQYHfR3he0CEN2Nal13S8PAeiNXk-m5fNZ6zN2A0TQb8gBSlq9m9XpjuM-0vApJuy-XymlE8x-leCVBuWyYfwJPWQ7GFPryWtcx3ozpICN1pah6V5GiGvEbcGK7-GkuUkWuzulPdY-k0-xWKJ3BPIIU6p2tny4zsu4GZEmgKQEj20SVQmI9-BKFtdR9wAX1hcd76Sh7UgnqKvgvHZphVLIuFJ35ESXntOowr_5c4PSTf_NzYrih2SQt8z6GblJCYXrugjlnjbQRrRlCj0MFYlt9166GpNuF7pWWRTQg1QQeaYk0sGAMMtUVVT4c8zioo4M_oY0gu-OO1WkxTJH6uR-VMyHItvCeFW3HiH05M2REtA8n8ER84tfyYRHFPghUTEnYY84NXejsEJIBbROjh36JIDNAPaH0K6zLNiaV4CV3Ez5hKwVO-SQ-xYXBUtb0vo8fdTX0aQa21Da4aiH4E_fuI_LAqOB_ixDbjoVUe4yk4ZD-mfOtrWqLrSbv0Njzrt-bnAqYP7-eb0vS0nzYompjLqGDQh-qkwHf8uT39knqi036VG4ReHKzkKpa6DtVnehylBBqp7GyJO6zFKNNm06jh8TqyG1Fk1CiDBwxHsdBkJ1RLzFrqSzGLZrglinEPDxGt2KXMz3WBqbvplJJ4sZPTyu7-ip5JzVqCXfWG_e79oR-kDQKVD3tO5MbmJir0OQqYyF2EbbhU6WDhb92oTwe0zwIj0W-AyDByj8xH0TmzoKC37XmNbDWI1X5svcIMIUYDxDoSpCCa7YqtDwm6Hg3zUg6UCp27q6IrhEUasqKL-CGZfNYkOeRyhZ6fi5ccfHrNyBMrXYhCU2BaOzPQ7QXn3uQWDZHp4QiJ2ElBKEm_sNgEwFg5fBanknMIkf7e1XsZ2VRLrmvacG42CrzHmyLGr_4Cn2lGKeq1yuBqPoErlc5crwg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 217ms
216ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3717&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=6d526d41fa

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 217ms
217ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3718&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=d6f3c85bf6

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 218ms
217ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1514&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=4be2841548

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:04 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 214ms
214ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2679&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=18d7717413

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Bekasi, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 23ms
23ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd9c2929d951a8a4db7bc91af8268dc467cb6ad39322f0a6445b62a96a3a6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8621
x-xss-protection: 0

POST
H2 200 rum Show response
www.haibunda.com/cdn-cgi/ 0
231 B 26ms
25ms XHR
text/plain 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.haibunda.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _ga_LW7SH9Y4G8=GS1.1.1634310722.1.0.1634310722.60; __asc=c0cc3bba17c84829416b7d5e34b; __auc=c0cc3bba17c84829416b7d5e34b; _ga=GA1.2.1171546119.1634310723; _gid=GA1.2.369648495.1634310723; _gat_UA-891770-244=1; _fbp=fb.1.1634310722948.1623296331; FCNEC=[["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1634310723300]]; __gads=ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg; __dtmids=undefined; dtklucx=gen_8b8db941-4299-c974-6254-ad251197d1ff
content-length: 57808
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.haibunda.com
referer: https://www.haibunda.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 69e9fbd52bcd4e8c-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 15 Oct 2021 15:12:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4F70 12 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 15 Oct 2021 14:32:02 GMT
expires: Sat, 15 Oct 2022 14:32:02 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 650F 783 B
996 B 20ms
20ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1c781f5af8edb34057876061badd812abc6a5dbcce3c7babcd48055b9c69fd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wDP4LLZfprACDj2jQhIrhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haibunda.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 15 Oct 2021 15:12:05 GMT
date: Fri, 15 Oct 2021 15:12:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wDP4LLZfprACDj2jQhIrhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F70 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13341
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 11:58:51 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 650F 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2406292379296579&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2406292379296579&bg=!BAelB0PNAAao6lBpqOo7ACkAdvg8Wv6Bvalzkbb8SprRWc1TKQNReaohucC9wMliGuMPjxEWDDW26AIAAABmUgAAAAxoAQcKAIsZTrtwDOp0BPa69h_0cme1eAB6yVZdxb0U5bbfD2E23CrLA76B7eo1hzO0YVHRF25dFeUSTz-_z6rQslI5YV403rahsyytCL-EMyTrQ3_eb9yqv4avw2YkjSstgYgo2O56NCqwZFweMq0hZfOl7T2-KOkD41l-VHnt4DSwPGCLmaEz7wJOn2yrgVSpmQKsjM4ouOz_Z3LEBWSCSR9G3O0_G4BoCD4vsmqTPqxkeCJzCrYONjUrSGEwiJAvJReJhEwqPSOOl1NG6Zobmlvjq_-89QVmXtWU5zmP6f1hNmr5oO-O-JhOl4uFklbAvsdigO-IztolUEEKiNUHbayK2gvxHwAD5tu5ir8UxDeR42xUZO82cxDh7ox8uGycvDrmZyHoFKp3m64q_r2PTV1euqVU4y-tBbokb4awUvX4QYiwCR5AzTdevC0DOhxryz7vHxQ2jVxaUZgoKOKAiRuKzF2pHhVPbahVN9Uc2cGKTl3UwboRYuVu5UPO_5Vyai9dqmi33KksN1W4zdTRyunn4hr00v4PuyABdplqQ1_4OpwKoq_XPDcPriQJTVbfgsg8Raxo07yr-DNdLAoLi7JfO2vqg6rWPV1-N6JDaGDKOZnFj0DoJxUpb4UUeQ4yBqRqT1sbVhoLod6jRzjXubQ6PPsobbQfxHxowAsRrc8ExCVKyyaeoMC3E002PAuIbKoEx6WzLVUjvI6hydU5OzsBV6nsOy-1YW7ONWAxc--AOv0q4amwm3-X4Hv13E06tofmhQKs3J4FASeLommH4Tf25g_1tmY2Pmyz8NiuwcyWCpUEBHOuUCr1NQRO9u2InzpHmRA2u5ISdM4ekiVUsROVRoHF-9erJsGPVghO7ExfzMD8OwtJIwpXGOXQhaFyPmB2UP6bGln6XV7SVmIOWT7w8gW-a2ua5jZmjq7l0kWYmMRvjgAxeP8gP3rA8hvTMNxFfS3WQvqMtg4gXUnYK0c_7Ln2UACT5r2vc1z5qBocw4BwJlpYc2Xo2PvhtkSyTksApc22c9W2-6C6keTbiX5l3oqx8PdFpilKolSCPpuI_5l333YldGB_ZvTNyRe07Kwv7WRdFgs8UU6MfiNN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 1 KB
2 KB 10ms
10ms Script
application/javascript 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?e_rc=1&pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d124f4c180a2826806d5f8d0b6f65ebae27888fddb7fe582416eeea1d19301b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:07 GMT
Content-Type: application/javascript
Content-Length: 1239
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync.1rx.io/usersync/eyeota/0?dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/eyeota/0?zcc=1&dspret=1&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3D%5BRX_UUID%5D&cb=1634310727600
https://sync.targeting.unrulymedia.com/csync/RX-f2557d63-e967-45fe-8402-adf67f41b058-003?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dd6m4omv%26uid%3DRX-f2557d63-e967-45fe-8402-adf67f41b058-003
https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-f2557d63-e967-45fe-8402-adf67f41b058-003
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D1%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26
https://ps.eyeota.net/match?bid=9sn4omv&uid=QToUzVaO1MBoSn5&newuser=1&dc_rc=1&dc_mr=5&dc_orig=d6m4omv&
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2XZ8kjDdrPPk13TAnAQttd7-6K3QVtxL-O-ou5R4Y0F4&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26dc_rc%3D2%...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&dc_rc=2&dc_mr=5&dc_orig=d6m4omv&
https://aa.agkn.com/adscores/g.pixel?sid=9202273308&_puid=2VksjrwI_lxFwElNGwFyU1ObW4-ouVqKMUYSAXE19S_A&_redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dc9gd69u%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3...
https://d.agkn.com/pixel/1716/?che=1634310728&sk=164900403940000254243&puid=2VksjrwI_lxFwElNGwFyU1ObW4-ouVqKMUYSAXE19S_A&as2=&l1=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dc9gd69u%26dc_rc%3D3%26dc...
https://ps.eyeota.net/match?bid=c9gd69u&dc_rc=3&dc_mr=5&dc_orig=d6m4omv&&uid=164900403940000254243
https://ads.avocet.io/getuid?url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Db2c3gb0%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Dd6m4omv%26%26uid%3D%7B%7BUUID%7D%7D%0A
https://ps.eyeota.net/match?bid=b2c3gb0&dc_rc=4&dc_mr=5&dc_orig=d6m4omv&&uid=880d9bb8-e1cd-4f31-a07d-566a001bb47a
https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559721307838183&bid=omt9pi0

70 B
440 B

52ms
52ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559721307838183&bid=omt9pi0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:08 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559721307838183&bid=omt9pi0
Date: Fri, 15 Oct 2021 15:12:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=17c8482939c-7770000010f5fec&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?bid=6j5b2cv&uid=80840318566997199644075030411070147123&referrer_pid=mli4m40

70 B
440 B

14ms
13ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6j5b2cv&uid=80840318566997199644075030411070147123&referrer_pid=mli4m40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:07 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

DCS: dcs-prod-irl1-1-v019-003e67e75.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4cFxP91CT6Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ps.eyeota.net/match?bid=6j5b2cv&uid=80840318566997199644075030411070147123&referrer_pid=mli4m40
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dmli4m40&_test=YWmaRwAJUh2-WwAT
https://ps.eyeota.net/match?uid=YWmaRwAJUh2-WwAT&bid=0rijhbu&referrer_pid=mli4m40&_test=YWmaRwAJUh2-WwAT

70 B
440 B

18ms
18ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=YWmaRwAJUh2-WwAT&bid=0rijhbu&referrer_pid=mli4m40&_test=YWmaRwAJUh2-WwAT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:07 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:12:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634310728.801295,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://ps.eyeota.net/match?uid=YWmaRwAJUh2-WwAT&bid=0rijhbu&referrer_pid=mli4m40&_test=YWmaRwAJUh2-WwAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/123/ 43 B
1 KB 47ms
9ms Image
image/gif 54.36.109.47
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/123/9.gif?puid=17c8482939c-7770000010f5fec&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.47 , France, ASN16276 (OVH, FR),

Reverse DNS

p02.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:07 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dmli4m40
https://ps.eyeota.net/match?uid=1762185249949940899&bid=2cr76e1&referrer_pid=mli4m40

70 B
440 B

17ms
17ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1762185249949940899&bid=2cr76e1&referrer_pid=mli4m40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:12:07 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:12:07 GMT
X-Proxy-Origin: 168.119.25.195; 168.119.25.195; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 69aa2be6-8936-404e-b7f0-dbcd71408359
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ps.eyeota.net/match?uid=1762185249949940899&bid=2cr76e1&referrer_pid=mli4m40
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kayumanis.detik.com
URL: https://kayumanis.detik.com/api/validation/

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eyeota.net/	1970-01-20 06:44:06	Name: mako_uid Value: 17c8482939c-7770000010f5fec
.eyeota.net/	1970-01-19 21:58:31	Name: SERVERID Value: 24556~DM
.scorecardresearch.com/	1970-01-20 15:15:18	Name: UID Value: 1HXKCEJ4EL1CXYYCKTONXZg1634310722
.haibunda.com/	1970-01-20 15:29:42	Name: _ga_LW7SH9Y4G8 Value: GS1.1.1634310722.1.0.1634310722.60
.haibunda.com/	1970-01-19 21:58:32	Name: __asc Value: c0cc3bba17c84829416b7d5e34b
.haibunda.com/	1970-01-20 06:45:33	Name: __auc Value: c0cc3bba17c84829416b7d5e34b
.haibunda.com/	1970-01-20 15:29:42	Name: _ga Value: GA1.2.1171546119.1634310723
.haibunda.com/	1970-01-19 21:59:57	Name: _gid Value: GA1.2.369648495.1634310723
.haibunda.com/	1970-01-19 21:58:30	Name: _gat_UA-891770-244 Value: 1
.mathtag.com/	1970-01-20 07:24:25	Name: uuid Value: a42c6169-9a42-4e00-a2ba-f5a7ea6de5c5
.spotxchange.com/	1970-01-20 06:44:10	Name: audience Value: 403c0ad0-2dca-11ec-8af7-16821cb20506
.doubleclick.net/	1970-01-20 07:20:06	Name: IDE Value: AHWqTUlLVLW7H1vJ8ZhVXpAfFDKUrCR3I5VQus9-j61EIwZPan6abchsrG7BNLZXHz4
.turn.com/	1970-01-20 02:17:42	Name: uid Value: 4162784312116736838
.adsrvr.org/	1970-01-20 06:44:06	Name: TDID Value: 28c9cb88-e2cb-462d-a28c-3a071602ac5c
.yahoo.com/	1970-01-20 06:44:28	Name: A3 Value: d=AQABBEKaaWECEBZSl1PQrsXSGnZaa64Vom0&S=AQAAAlFSoY83ql1Srt-wgqMB1k8
.adsrvr.org/	1970-01-20 06:44:06	Name: TDCPM Value: CAEYBSABKAIyCwiak5H5m_6HOhAFOAE.
.haibunda.com/	1970-01-20 00:08:06	Name: _fbp Value: fb.1.1634310722948.1623296331
.haibunda.com/	1970-01-20 06:44:06	Name: FCNEC Value: [["AKsRol8JiPl7FwBS_pksfn2MVSvkMARKyQIo2Iivq2M4uGlytvcTEN8dvZXpvhi9arwY8gUu3UwSHEp48pSRe4GAiidEYB4lVYCv2D9yye3BsXs99o5Q6B1dRfYz0yINMN8EAME01TV3jKT3630dQhZ0kSGADoRnEA=="]]
.haibunda.com/	1970-01-20 07:20:06	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1634310723300]]
.casalemedia.com/	1970-01-20 00:08:06	Name: CMPS Value: 5207
.adnxs.com/	1970-01-20 00:08:06	Name: uuid2 Value: 1762185249949940899
.casalemedia.com/	1970-01-20 06:44:06	Name: CMID Value: YWmaQ.1.luq5nznXE4guJwAA
.adnxs.com/	1970-01-20 00:08:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc%t$wu6!@wnfH8K6pQK`!5=E<*L5?%M/h+Nt@j3Gd>f6TyW9tUiBk^ko<>zPn2Edm2<%nugO%v4VB%nmT7)q-iP
.casalemedia.com/	1970-01-20 00:08:06	Name: CMPRO Value: 1198
.casalemedia.com/	1970-01-19 21:59:57	Name: CMST Value: YWmaQ2FpmkMA
.casalemedia.com/	1970-01-20 06:44:06	Name: CMRUM3 Value: 2d61699a432760CAESEGirAPIDRM3CvUcC0XdW4bk
.haibunda.com/	1970-01-20 07:20:06	Name: __gads Value: ID=bfa217d499b9a667:T=1634310722:S=ALNI_MZT-QG-ZvbNuHa8oRft7Pk-9CdKBg
.mathtag.com/	1970-01-19 22:41:42	Name: mt_mop Value: 4:1634310723
.quantserve.com/	1970-01-20 00:08:06	Name: d Value: EAIBCQG-JIEA
.quantserve.com/	1970-01-20 07:28:45	Name: mc Value: 61699a43-b1b6f-1f646-77468
.adfarm1.adition.com/	1970-01-20 00:08:06	Name: UserID1 Value: 7019311106805528728
.pubmatic.com/	1970-01-19 21:59:57	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-20 06:44:06	Name: i Value: fdb44514-a6a0-488b-a069-d9310f986d9b\|1634310723
.w55c.net/	1970-01-20 07:28:45	Name: wfivefivec Value: QToUzVaO1MBoSn5
.pubmatic.com/	1970-01-20 00:08:06	Name: KADUSERCOOKIE Value: BE529A94-0315-4B63-B2F9-5B9BD2DE6368
.adform.net/	1970-01-19 22:43:09	Name: C Value: 1
.w55c.net/	1970-01-19 22:41:42	Name: matchgoogle Value: 5
.adform.net/	1970-01-19 23:24:54	Name: uid Value: 4319690237306891084
.haibunda.com/	1970-01-19 21:59:57	Name: __dtmids Value: undefined
.e.dlx.addthis.com/	1970-01-20 07:28:45	Name: na_tc Value: Y
m.exactag.com/	1970-01-20 00:08:06	Name: exactag_new_gk Value: 8a0b239569b3491582d29b833332cb82%7c14.12.2021+15%3a12%3a03
m.exactag.com/	1970-01-20 02:17:42	Name: exactag_new_uk Value: 51ce067a83d544e8b351283ac766e93f%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 159338f9f8794bce9c22aef0
.demdex.net/	1970-01-20 02:17:42	Name: demdex Value: 80840318566997199644075030411070147123
.addthis.com/	1970-01-20 07:28:45	Name: na_id Value: 2021101515120300085569424449
.addthis.com/	1970-01-20 07:28:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:28:45	Name: uid Value: 61699a43109bdd65
.addthis.com/	1970-01-20 07:28:45	Name: ouid Value: 61699a430001719c06280a5288d87ad41cef7266b937d7293569
.dlx.addthis.com/	1970-01-19 22:41:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 22:41:42	Name: na_sr Value: 20211015
.dlx.addthis.com/	1970-01-19 21:58:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 22:41:42	Name: na_sc_e Value: 0
.skydeutschland.demdex.net/	1970-01-20 02:17:42	Name: skydeutschland Value: 80840318566997199644075030411070147123
newrevive.detik.com/	1969-12-31 23:59:59	Name: OAGEO Value: US%7CKS%7C%7C%7C37.751%7C-97.822%7C%7C%7C%7C%7C
.haibunda.com/	1970-01-20 06:44:06	Name: dtklucx Value: gen_8b8db941-4299-c974-6254-ad251197d1ff
newrevive.detik.com/	1970-01-20 06:44:06	Name: OAID Value: 7cd6fcff3189f3418e39443321e924e8
.id5-sync.com/	1970-01-19 21:58:31	Name: cf Value:
.id5-sync.com/	1970-01-19 21:58:31	Name: cip Value:
.id5-sync.com/	1970-01-19 21:58:31	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:58:31	Name: car Value:
.id5-sync.com/	1970-01-19 21:58:31	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:58:31	Name: callback Value:
.1rx.io/	1970-01-20 06:44:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f2557d63-e967-45fe-8402-adf67f41b058-003%22%7D
.dpm.demdex.net/	1970-01-20 02:17:42	Name: dpm Value: 80840318566997199644075030411070147123
.everesttech.net/	1970-01-20 06:44:06	Name: everest_g_v2 Value: g_surferid~YWmaRwAJUh2-WwAT
.targeting.unrulymedia.com/	1970-01-20 06:44:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f2557d63-e967-45fe-8402-adf67f41b058-003%22%7D
.w55c.net/	1970-01-19 22:41:42	Name: matcheyeota Value: 5
.agkn.com/	1970-01-20 06:44:06	Name: ab Value: 0001%3AZ%2BrZfYXXbyhfZ5KkJ5xvpZ5TUF%2BiRdQV
.agkn.com/	1970-01-20 06:44:06	Name: u Value: C\|0CAAAAAAAKPxWyAAAAAAAAgEWAAAAAAbtAAAAAA
ads.avct.cloud/	1970-01-20 06:44:06	Name: uuid Value: 880d9bb8-e1cd-4f31-a07d-566a001bb47a
.rfihub.com/	1970-01-20 07:20:06	Name: rud Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjQ2MLcwtjC0MBbiM9TNjvCrrMwsL0su9POT4jU0MzYxNjQwN7IwNTIEALtrAvg0AAAA
.rfihub.com/	1970-01-20 07:20:06	Name: eud Value: H4sIAAAAAAAAALvFwmtoZmxibGhgbmRhamQIAOsc9t8QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjQ2MLcwtjC0MBbiM9TNjvCrrMwsL0su9PMDABt30hwlAAAA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.haibunda.com/ Message: Access to XMLHttpRequest at 'https://kayumanis.detik.com/api/validation/' from origin 'https://www.haibunda.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://kayumanis.detik.com/api/validation/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211011_RC00/outstream.min.js(Line 344) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cdn.haibunda.com/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWmaQ-1-luq5nznXE4guJwAABK4AAAAB&google_cver=1&google_push=AYg5qPIPtRE4RlLcNC6FT_pZ2x7qIEeQblGN9-L1Jt728IBip4Yfh_PD8AGqFycyPoJMNXOEuOxhKB6SuWw-1Si4orLet8XjtpYm&google_gid=CAESENx9ATyijjSf0v50CmYl3ZU Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3fcb5f68ff21abe8fd08f4b50c6f5b7.safeframe.googlesyndication.com
aa.agkn.com
ads.avct.cloud
ads.avocet.io
adservice.google.com
adservice.google.de
akcdn.detik.net.id
analytics.google.com
api.vidy.com
bid.g.doubleclick.net
c1.adform.net
cdn.detik.net.id
cdn.haibunda.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cdnstatic.detik.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.detik.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
d.turn.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.w55c.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.detik.com
imasdk.googleapis.com
kayumanis.detik.com
m.exactag.com
match.adsrvr.org
ml314.com
newrevive.detik.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
r1---sn-4g5lzne6.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
static.adsafeprotected.com
static.cloudflareinsights.com
static.vidy.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haibunda.com
cm.g.doubleclick.net
kayumanis.detik.com
103.49.221.102
103.49.221.173
104.111.215.191
13.225.87.8
13.32.99.104
142.250.185.98
151.101.130.49
151.101.65.44
18.159.85.44
18.168.102.56
18.192.155.173
18.197.87.177
18.66.97.58
185.29.134.244
185.64.189.115
185.94.180.125
193.0.160.129
2.21.141.232
2001:678:cb4:bbbb::13
203.190.242.102
203.190.242.172
203.190.242.244
212.82.100.182
213.19.147.45
216.58.212.162
2404:6800:400a:80e::2003
2600:9000:223f:f600:1b:5138:8a40:93a1
2600:9000:224a:c800:8:48e:53c0:93a1
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:5c12
2606:4700::6810:5f41
2606:4700::6812:154
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:12::6
2a00:1450:4001:802::2006
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.210.90
34.250.206.93
35.227.252.103
37.157.2.238
37.252.173.22
52.17.151.21
52.208.138.90
54.148.74.183
54.36.109.47
54.77.217.29
64.233.167.155
69.173.144.165
76.223.111.131
79.137.69.120
85.114.159.93
85.14.248.72
00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089
0356c516f36efead47f3474b418ff234ec7fa9a714947e955d4916dc43a1d4d2
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
062991d895f715aad3e5d0726af0963f895d6458e329f33bc5c446191950ca37
0807ebf229c5b694ea8260b110ebbc18f3f6f9073f113f66127f1fa0fe6a22ae
086b8f230fe7a6517936d1784b86487fa45b1a78b514a42903751e1ecc95d9fa
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
0b541cee55ca8bad3bff9c73619984dd6f30811d7d699b37837e79a805171440
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124017361ed67d5b1147382fbf5b09de152ecd217bb1626fea96c384640eb2d8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea
19d8ebd3fb98721f56f81064a3b6c8d9e34b9e679f5badd844f05ce9090f245a
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
1cf1d72365bef7e9729783b8f5623427c2f6c231989900f30f46da593eaf3690
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0d978a09a9776d2cc6602d706e880504e526634b88ed33497bcde232fcc7d6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20607a9c8488626397e8fe2ecd43ed0bc55c0fd9506a21fd79d21dd85eadb7fc
2300d0340b4099a5708c37b443923f46881ce5d39c851a3b3778730300bb962d
2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f
24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315
2544f04aed16a754b4c8198ae0cf980587519e858da56360dac423739b4bc504
283b069e9ffec726e1b1132f6c8a2395d298305db72af2a0a4256779acdcd111
288ce353b2e760bebe9cac46c6b6d5f121e128ccffdc42517544fc594d58e843
29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f
2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd
2eff60b49fa897328b17d98e2c3542883ceec41facbfaba3ac49be705e67a903
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff
39b8971bfd7ad817fd5f71bab5ac0217849ffc26f2f1533ce17c9bc405f776a0
3ad71be8ffbed2d121467ef9331648a8558e56998f133292caf8aac872c6ea72
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
3d5d092b38d34c852f80e0993d25839cda55f201c5abbc75d1f3f1f57e272498
3df2b5affcac0081f7de54d4b0e5e3d32ff23df3d1185c2cf5ced3048ba2a623
3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080
4140952397d12af4dc5a2b85e212cdd09cb159c14f15a82bd2dceee9ba173e9c
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e
466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781
47fb8567d20dfbbeb1d53940062ccd9cc8d35764e5df6a969d7a588ff5bb0e2f
4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a99fe06bbde09b456cfa94ec2b5eeac2cbfa87d562f81326338d820c9d1b187
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640
4ea4bc5c4ef75dc66dda955e8126f9b5603f5b1d573b28f667e174d4dcd3db90
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4f687bfa66911f5c2f4a199ad3f2c244700fe6d73f6e84ccf928834a9b3c270f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02
598e372cf0cdaaa088941b12bafe5cf9c317001c58e9696e27b44d3176763f6c
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
621ecfa8e99a39b4446b12466869dd1f7203d803b8a11b88fb588e0bddfeb0a4
624dab20f9449ca4b4726fbf6964156cdc5addfb87f767e22a1a4cbbf8db2dcf
62b57202462584e34407a29526c1a8c61d2b70d40c46f2dc4b805e057622195d
641527a5cf4838c96126427f0451507debed6fcabe8f01403e8ce00aa6975422
67605ae85f47f96b5d88ea87931d05b6719fa10970505dc4809811e189633423
67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b7f9c63a4512492b1b6be19fe6db3cdb6d6c7ebb6236a5e889cf3c8bec48209
6ba530d1554c0a6de2ca25e044119aac432a2a8be1f4e4a5586b664f5d4cf458
6ca060e32aa33e615d3f02f8d264b0257fcbf955ec5b4560f04509b1cc5a4441
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8
73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0
740ff21657f6ff1e389ad1fa52c059213e55297d1653888f767c043dfc2da1d5
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f
7a407233040aae63b18079d8e270ac73987427ac068a3ebadee3f176b73bebb0
7a998fa67909f2455e06ae31863167225ca4544e5fe05bdeba0d0de40c92eb1e
7acd4df7eb73b971b6bae57cbfd5a4521618b0434de11cd049372461c61a2037
7d353030f1ff812e11420485a87281e357bfc039400698c516cdac19d638db65
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
7ff69eeabed7aa65e543148adafafec8db46c5ca279389dc399cafa298969843
8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22
8532244b8ad8255bc8159aa5fede61d926557b37c85c784cbfa2d503a212fa6b
864370df7e2d2646b46e5bbb72bc1fa6cb549a5963b9e1286088b68c4c4ea4f5
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
8e28ee83958f79c4b7b82921b30801ee1e53747e1165ab461d28439d1b6bb21e
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d
92feaf41bee72e49e88787ed8c590f21a995008039e704b9ef561a1d954df686
9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818
942eb33e5f9459667b4fcdb7ddfad2cea5180f44d5e1836782a539639cb740a2
94b0a3b00491339e35e706725e0fd1cd8762507c4786e23a8c9125fdb0eaf472
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
96acd68777c8df7495a38a36f7636256e969c874bd4ce17c92c371435345d676
988273bd97fdc73e5cd6519a6225d4bb129e10484b65cfbd23388b150a9ce46d
98949b74668c8969eb095b18ab51ca9053cf777832e41ce7f76fc4c53160742b
98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4
9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af2a8ce32fd1a1765ee52d154940f56c2388ff1927226dc71570584202d8e60
9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0
9d0171051206a1f1d1d85cbf764906d926f49da4b2710ced06091f893912fa75
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432
a1702de4a100c75fb4add23d0c95cc35c3c8c27fde6341fabdc35ca8b05aed69
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a3d6a8f0f8a8692a7b97eaa4229ba2b8175f32afd45f9cd56fb17731bea2cd2c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50d16fb94114f97b8afe54fe017441606825bce1a6cb8fd2390ebd8130d64e3
a5403de584447c64021ad774ebc8fb49a14783e66afc4d41bbe83aa4ae6a181b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9
ab591f0b282a3acf736c98459eda8f7da29315936bfdb8e7aeeb3eec3222c113
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
adca85fd7dc2eb5a22f1120e931a46d26a4e526ad2c5f25e2301343db62d873d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff5d67c1c48053e7d3e22251e77dcdfce14265e5109bd870e463069acce4d61
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe
ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19
be1e8341bc62bd9b5f0977eebe762f4aec98f0d45ac6a1fac04fd10dfb3a4df2
bfd9c2929d951a8a4db7bc91af8268dc467cb6ad39322f0a6445b62a96a3a6cf
c1a901425348ee77fb5a02d0bbd73b1731e5f074c8929a7ed652cadc25e71476
c1aea2261aa8e610ebd3af70fd71329e3a4a87e3324a69fbaa7ed1b6e0f0f8e5
c1c781f5af8edb34057876061badd812abc6a5dbcce3c7babcd48055b9c69fd5
c6939b309064e38097d82b51a5dbd4ac356bb92f0d6400c6246f9f5d447a3da9
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
c6eb3e3a54eee9d5f76e4c3cecd4af01a3179af01c8c6c8588dc910cccc13406
c8543802859880c5f3873d40991a29efabf298485f14f8168b75145cd218e16b
caf8b3154c881006e3fff68f85302af4749a87a093b4694a303d1cc493ffecda
cb22aa4df5bc50c9504a6d0138dc990da569f3a95906fc2d68b80f7715177b16
cb45d69231ca469a089d1e02e19a97fad1f67ab39793555df6e3b620b4d017cf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e
ce9a7fef432295abbcf415fc6737343fa5cbc01bdcc98da7015e4ba392c74f95
cfe3d8a127cc58c12430d097689951143872bd51b3af429e5d68699d86eb13ba
d0380143580595e4b3207fec88e571c2b607221931fcc86b925cd3da706f1001
d124f4c180a2826806d5f8d0b6f65ebae27888fddb7fe582416eeea1d19301b0
d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72
d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7
d3e3f2b49eb8ef7c08c3d597ec1516eafd811c08740da2a2760f9a0b163e7c43
d5651f8d6acec8fc8b6c54a58c71800dd618912b5b813d489dd8b6f3e3749294
d7f6d88f14a3ac268f45a5105809ce350496af91174dbeb66b0eec6a5b7c929c
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
d8c45ed2c0e279ad57acc40a24b9a249027d7341f436fc16d17f308e76fa2295
d8ecff3ac07eba5a37def47444f611be657e5a2b1fbc2a0a8c81934e8b859c46
d96d8ed62062e9265f3eab8fc6da2b7f244a218f14867e15c3fc2637d6e41358
db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427
dd2ab09f5924d1506ffc801dc7e81fa191967d502f7eff33916a1d77d3690647
ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df324cf99cbc625fa43f78407ff343a898086a912141da1396ba334a42d2774c
e00dbc7b40e47ff722a89c0eb223876375b5d0688131847429eceb6d836e1fa8
e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7e935045ff1fd6e534adb15d982efbd2d59d09e262df3c6faf40d44676c741e
e80e7f2beeedba5ae1a4c4d58e4b91da3cc034766af2011dc9d4c17cdfda424c
e873d8ce31311b2b1606bd9a7960e2ce0e57b0c5f68bdfb0cd7215f540c4482e
eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555
eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472
ec60609c64c5ea246e9b5e117da1b1bc3f5e69e7fd22027125d699829349fd6a
ed77a2bd3ea133fd5e1078b0d91684562475ee49fdbb647e1873fa56a73d69a7
ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784
ee78c792f3017fd9c54a5182c91273db443a5c07b9cd4232c33d9627a81a77c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef26d7d9512775cbf75eadf994f976b42a2a5d3d39f8f16c28a9f31533a374eb
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f
f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350
f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16
f6773be178253a9418a76082a5fd8e79252ab16f9d9c0b7e1725dc2d16879f1b
f6d38b55a0497e898fdc88995ffcc99b37997b718e39daee1bc0eb0c6e887da6
f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b
fa6911a00b48044521877fff379fe9491a8760f6f42bb81b13ba5c3bb01032e7
fba494ebb85f77289961ba57473465b23151e76c2cb2081fbc80d5c7f7db6613
fcd1f72b518acb623ff3ec4d96baae7e8c32ee68d45a9f198e1c054f1e1468c9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haibunda.com Open in urlscan Pro 2606:4700::6812:154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

345 Requests

99 %HTTPS

44 %IPv6

53 Domains

81 Subdomains

49 IPs

10 Countries

5671 kBTransfer

12147 kBSize

73 Cookies

20 Outgoing links

Redirected requests

345 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.haibunda.com Open in urlscan Pro
2606:4700::6812:154 Public Scan

Screenshot
Live screenshot

Full Image

345
Requests

99 %
HTTPS

44 %
IPv6

53
Domains

81
Subdomains

49
IPs

10
Countries

5671 kB
Transfer

12147 kB
Size

73
Cookies

345 HTTP transactions
4 data transactions