mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.deimoney.com/4f6E6IcJ6K
Effective URL:
https://mbantul.my.id/
Submission: On August 11 via manual (August 11th 2023, 2:59:51 pm UTC) from ID — Scanned from SG

Summary HTTP 134 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 21 domains to perform 134 HTTP transactions. The main IP is 2606:4700:20::681a:6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 962489.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.

This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:3:c... 2a02:4780:3:c141::17	47583 (AS-HOSTINGER) (AS-HOSTINGER)
29	2606:4700:20:... 2606:4700:20::681a:6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
3	13.224.249.124 13.224.249.124	16509 (AMAZON-02) (AMAZON-02)
6	2404:6800:400... 2404:6800:4003:c04::69	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	2404:6800:400... 2404:6800:4003:c01::9c	15169 (GOOGLE) (GOOGLE)
2	2406:da12:fbe... 2406:da12:fbe:4200:bc16:21c4:c20c:caf1	16509 (AMAZON-02) (AMAZON-02)
8	2404:6800:400... 2404:6800:4003:c0f::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.249.77 13.224.249.77	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223b:f200:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	2404:6800:400... 2404:6800:4003:c06::84	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	52.220.12.162 52.220.12.162	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
10	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.43 124.146.215.43	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	13.224.249.76 13.224.249.76	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
134	32

1 2a02:4780:3:c141::17 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

link.deimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)

mbantul.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.249.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-124.sin52.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c04::69 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c01::9c (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da12:fbe:4200:bc16:21c4:c20c:caf1 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c0f::9c (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-77.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223b:f200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)

0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.12.162 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-12-162.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c02::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.43 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.249.76 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-76.sin52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	mbantul.my.id mbantul.my.id — Cisco Umbrella Rank: 962489	1014 KB
26	googlesyndication.com 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	118 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 617 csm.as.criteo.net — Cisco Umbrella Rank: 13101	187 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	703 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	330 KB
9	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553 ads.as.criteo.com — Cisco Umbrella Rank: 12827 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12678 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18385	49 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1497 google-bidout-d.openx.net — Cisco Umbrella Rank: 1496 us-u.openx.net — Cisco Umbrella Rank: 482 jp-u.openx.net — Cisco Umbrella Rank: 11580	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3	34 KB
5	adop.cc compass.adop.cc — Cisco Umbrella Rank: 60472 data.adop.cc — Cisco Umbrella Rank: 66360	10 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	169 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	17 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 20930	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 363	970 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 886	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1157	859 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1617	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1539	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	deimoney.com 1 redirects link.deimoney.com	502 B
134	21

	Domain	Requested by
29	mbantul.my.id	mbantul.my.id
13	static.criteo.net	securepubads.g.doubleclick.net ads.as.criteo.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net mbantul.my.id tpc.googlesyndication.com www.googletagservices.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	mbantul.my.id www.gstatic.com www.google.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.googletagservices.com	compass.adop.cc 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
3	csm.as.criteo.net	ads.as.criteo.com
3	cdn.jsdelivr.net	compass.adop.cc securepubads.g.doubleclick.net
3	compass.adop.cc	mbantul.my.id
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	rtb.jp2.as.criteo.com
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	cat.sg1.as.criteo.com	ads.as.criteo.com
2	ads.as.criteo.com	0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects mbantul.my.id
2	57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	data.adop.cc	mbantul.my.id
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	mbantul.my.id
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	mbantul.my.id
1	link.deimoney.com	1 redirects
134	38

This site contains no links.

Subject Issuer	Validity	Valid
mbantul.my.id GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
adop.cc Amazon RSA 2048 M01	`2023-02-28` - `2023-10-29`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-10` - `2023-10-07`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-14` - `2023-10-16`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-11`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://mbantul.my.id/
Frame ID: 309C70C9915ECED2325D7F36493C0333
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=ld0rb8gtbazq
Frame ID: 95B844B8F7752E71A915210CA84F7413
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: D0046433099AA6B91DAD1BFF1D07E4F9
Requests: 12 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: 6670A0B9AF7234CB96282255FBAFEC4E
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW
Frame ID: 33F13C51201181F582DBD15D6E7B1DB5
Requests: 3 HTTP requests in this frame

Frame: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D7A023A8413AB3763F6483C62194F2AC
Requests: 1 HTTP requests in this frame

Frame: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F44CE0F8457F778A144B2069C1932A14
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: D26AA56915C4B54CEF68A5C2D26DD6E2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73A1A011C1E919BE0CD35BE301CF2565
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D29F14C96C8E26DA0BDB5F6DAFC29E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 934F6026BFD19E6C6E7D145DA738D257
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 015259586B42C5520DE3FBFDC061002C
Requests: 2 HTTP requests in this frame

Frame: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D107922D0AF6CD48182A3757E9F761C6
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAFXnYAtybYAATcfD4cJuc6W_vE5NkEng&u=%7Cfanwp6LWOW3zsYKnaPv50QSblF9va%2BMnFs7RRw656wM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmA9llQ_Xes2qU2a4r4HNlkvtg--F4tRVoAXfYhIl94JM530Vj9L24BdDB9KKZu6VbilVQ5NWPZj1exteyAVpawXOB84MXRFURev9JGItvgJ4DbSAbp3TSteSuw8vOSJZvhkGQ3JvvE0J-RaCMXKERFSnlplllkcgQj4hDeSpJeL7RdrKFN91NfLXxSRcPaUK7J3YEIjRj0yVWMBX1KQkKBh44rbyclXWyyQJsGuGjX6G7khGKWYVejtjwVvE3Qd2PMLrmSclDCQ26Cui4S1MrCehJzWNfvRLrThgW1mbc3OO-iEaR5YLuu-2cuEqZXEGMB4xIFKpB7vAOqI2SedWus1BxiPp7I7bzqUrBpnaUnTDCVvpFFsFfzFP7e70ZLoJwk6xiziW0EKaM5318IEHP9ghievkd_Cgu9m_nf7K3GwGg2v1gS9wc4RyDd85HiWyhzhZUGGpa32sqmonl_x9StuLG0gJTueymdY_B8O_IwuCoiI8y7f_7shPAOLEkAU14uhfEvyaoPsad-byJSAI3p4SJrPvMmb_nWimC2Z7KJpRMUNJIzNnxZXFpEAalv29R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1_q40zWZPa8FdjN3LUP_LiT2AK91O6wXPCvxL59wI23ARABIABgnQGCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEsQJP0HW_aFnq_AqYFY4cS4utbwoNmMn50DgplAhGLVwikDRQr6w_Vdb0-VfxXe8gv4OepcH-pRuNZAjDLXf6_BHwKaHQIZMygBrXrJffsZ3f2LDUPPtdl4hyu69gafxHntogVV1DpKx2nevInprBipOQHBguYhXygaEY3Lo8TkNqNaJQkP8LftCKNy-C5iBDoLmZOxP--zYVcZLWJZTELiQirn415Z3_rLTBRpTY58C8U4OkD2pK1Ma-7wt4oTRx6fH02aQ6-r4LHXMN3Qw-R49jL5L7AJi-O4-m_dQY4je6xxfg8S6pVYKbGh75LGq7cbyO7jmNWqbXi2-ONfWf0nZkzz-7IJZISWEECZEH1mz2gkZMbszHZOY8QfwEWcfGrVUhj5nriqByRRPwIVWOPP5Az-AEAYAGtdGJ0_-d29AeoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rMQiWe3Xp9D-wuv4_p0SEM5vuQg%26client%3Dca-pub-5111137191506013%26adurl%3D
Frame ID: 56B22EF72F0760178FA08FE44FD6CBAB
Requests: 9 HTTP requests in this frame

Frame: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C757F4BD23E156F98CF724C39A1051B8
Requests: 11 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAF1UcCrJLEAAfF9CY8Sn_Cer5c1OqT3w&u=%7Cfanwp6LWOW1GeiGNS7IbWp2U%2FkxXRdei%2F7qYtd34CKo%3D%7C&c1=0n2XosTo5cliKCnvh9OE5qMihxmS30GoynTbqg7vybkYL3UpLSdlBjBZjGg_Kp79HT9amFzbVt6MuEexMytrr5b5FrhG7Tr4ez4AQ5_Sf_1p5Glcsg2EKMD418t3onzQqMjYFwRi4MLi0lslqATooV6iuwX0KH0vGVKKFBeoHo1zPK8DgaJ0DusQ1xihC2ueMSc0qhiHFtkw5pSXb0e29CYF7OksFdJuRo0_k2KkBd3oIMsQt1NiYtf9YJC3wG3qdrhi3BzrwY4L0EKh2yf9gw3l8Bt8jqSrsL9NVznUTg7NY0Z8rZh69dHROjijGWyr1TQeZEOrc8r8o2RiP1h-9s3jDDfWaMbndRbUOLc_D9qg8KAfXPBBam0nivEkHPoRgC8aVLfDc6A-CZX4SGwnUxmZzrbYRb0LqRI26xSHh3znDF0s3wtQJBEmy4vaPt1gKILw0rPZ0LyYMrpoEXFgBnQsUR0gk8b7TO-IVIY6Na-LOv52RAETf9ynoUvI_4ZJtFP0nlJWAhgGUdkqSP-8XhHnE70295MkmIQohlAIqvxa_5Z1C6f3dpxjp6HVaGmWsvMRLPWBzvoTNGcto6W1MRdfS4uLbg76JPPEd4YyJd0LkYOfQ2nCAW5Ahdh1_Xz_4KoxIinqj9Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUw840zWZMeqF8SlssUP9IufiAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEpwJP0H7CKluPodEAREfhOIX515F_T1FhqJLe6q3Y2PdlqSzV2KRCeOJkNAACXJIDrW952u7H4-dQgAIxkuxKEbiTMJTJ18lP7WSq7FNWTGF5uFbvBBjNbTEckZk2roWlBlBbE4sqRNXFih-A1Fs_7Ty0Gin0HK4A3lwGHG0FQ1RH1XMH8YcwPoN0afLVdepSfb1xJXs1RRNSSiHgcdbIEG_e7FeWkAC-fri6SbTvUrMAHcWlPBJEVhnu1-OzcXy6IU9dhdh_D0OhxAsJDwTR2eG8BwbuN4HP_yPjI2bROHBuBia_OWVopsuhkRAJ3Odw-tRChYpnk_Bt0T9y-1d8Zx_yeOCB0ePwjtfMY3ASNaOQ6pCjlFxvUlbqcpeSSq5UzrHJSIVUDUKR4AQBgAa10YnT_53b0B6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nau0s0_QgDL6uvTyrZ6piNMwnEg%26client%3Dca-pub-5111137191506013%26adurl%3D
Frame ID: BF7CC4C09BFF26F0BC1B3095B6BB25FD
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 90049F8E9E70C7DC32FCAB02BC6B956B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

https://link.deimoney.com/4f6E6IcJ6K HTTP 302
https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo... Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

134
Requests

95 %
HTTPS

60 %
IPv6

21
Domains

38
Subdomains

32
IPs

5
Countries

2684 kB
Transfer

5443 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.deimoney.com/4f6E6IcJ6K HTTP 302
https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg== Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.deimoney.com/4f6E6IcJ6K HTTP 302
https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==

Request Chain 70

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

Request Chain 74

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=iLrL1nwwOUhIdXp4LzFxVEdNWDRTTjJMbEZIazZBaDlSeXBYWGNDMDVobTZ1UUFBeE52TXNsSWlud0dKa2h2UStyTTJpQTVJeHJxUVRBMDEzL2cwZk11eGFaekYwSENqVHpVSzI4b2tRMi9BQXkreVA5YnE0empKNEhvK3pld09MTkhDbURHdlQzWUg5WlhjRnphTDlrbElxYXQyVEdka0g5TFg4MTllOGRnK0wzcWFleEhTR213WFhoNkdzTStrVzErcnJvUkZSYlB5QzNac0Flc3c2c2NZczMxNWc2cEdXOGhzZjRsQ0tLODNGTGdGYmdaMlpsdXlXb1ZoRHFJbHlGU0lPQklaREU2SDNud2hiNnc1ZnYvSUR5dz09fA&cppv=2

Request Chain 117

https://match.adsrvr.org/track/cmf/openx?oxid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a22999b-1252-47b9-93a3-5c9ce6b2eb7b&ttd_puid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0&gdpr_consent=

Request Chain 118

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNZM5MCo8XcAAOEY6kcAAAAA

Request Chain 119

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARk_HHDL6P2Mks8AD7Il-shFMs8AAAGJ5Rxa5g

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECmM9uUiHXgU75FwGU_nz_Q&google_cver=1

134 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
mbantul.my.id/
Redirect Chain

https://link.deimoney.com/4f6E6IcJ6K
https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==

559 B
857 B

86ms
65ms

Document
text/html

2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7f5158243c489fbc-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 14:59:46 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY5Okk7lkEaK9NNJR1RMSN0SpM1CXJ3wA7lDj4NQUIcbbdJU4gHwDjsYIe0bGGbMyAezf0ayDcZS%2FEZB%2BpVHErWwg6wRMaqdrPbmMqvgfD92w%2B%2FP%2FvZO4UEbmlxuVdOWxp8aiP%2FRmcVUgzE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 14:59:45 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

POST
H2 200 /
mbantul.my.id/ 1 KB
1 KB 72ms
71ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7f515824cd059fbc-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 14:59:46 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tCNs8aql%2Fj64%2BYIbAt0R0lq6msRkvjoWzPCNLMpsei3ZbctwGsPX3wb28oJy4iHRHeSYJxMiDhz7H56Zt4P7wdq8tZ8GbpoojE%2FY%2BQrPZ7GjMkvd3BaRjDrJOrC7OxAWq9sCfXBpG51CQQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
mbantul.my.id/ 130 KB
39 KB 107ms
107ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

292ceb6fc2d717b1e985ed84dac053f0b3cbb59c8cc11ece2f2d3ff3256c93e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7f5158255dc89fbc-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 14:59:46 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6fJbUKilbday5cKpDa6HVU%2FK4jmcctpJfLChzz3j1IsYZ0k7Au03rOarDRFtNbFs36Iqw1FuP8msOWrmu4JJNmXoJ%2BZbLRr6%2FfxCRPjE1pwqxWtj%2FSpKNV4%2FczCIifCadFQL7zQ8XJKlao%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/ 102 KB
14 KB 25ms
23ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.3

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217561
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2023 02:33:40 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jtpwlsxm29j1DQxxLr70bKVfsUeA46RI88UBeJouiYZI4iPcj8CToXaNbVAy9%2BcW9bqWOIA%2BWbhxm%2F%2BZwPZNrRJaWaKtKCeyp%2FTmkJqbkooKze%2B8AUwNtaPo4%2BbXI6LMCMO3TnDQzBtQ4Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158260ee79fbc-SIN
expires: Wed, 16 Aug 2023 02:33:45 GMT

GET
H2 200 style.css
mbantul.my.id/wp-content/themes/gridmax/ 88 KB
14 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/style.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447080
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aThJ9EBYRbJeSPzDXpL7ALB8w%2BQQeMBk2eLF1t4zsdCZR3SJPLA61wsw0bGoOd%2BIsSVyyeO8vcHDBZKguF%2BVXjZmdSBtQKMm%2BekFsZAccD%2F5Bx4BC11%2B6zyhgJgRy0a6rwsRJQWrSvODhU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158260eed9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:26 GMT

GET
H2 200 all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/ 56 KB
12 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447080
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FcF9erymAK6z7q8JQoNJnVAOg6D0QRudD9rD5nKLAorYGLySOsvZ2gMxDxqof%2BvRozy4hB7R%2FimC1Li%2BjbfVPUg5PosN8%2Ft2xN6d97oZ%2BEej6f6RQSmNZdZjPmqqZydhbfv%2Fe5cTO0%2FfqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158260eef9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 23ms
10ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 14:59:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Aug 2023 14:59:46 GMT

GET
H2 200 jquery.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 85 KB
31 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217561
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2023 02:33:42 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyOyhLeGoHjQ10dTJ0YLzbRCKaWbpQ9%2BLnUonVkRNU7rPgaT5o81rWRBdeGujep7jPYGjXLaXsMdlCHHtCN7LWMAuj8AL%2BTlOAHWEm60FYNfgkNSM6F1JGOtR%2FnY%2BT3uXKcMSVQD%2FfZ5lz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158260ef09fbc-SIN
expires: Wed, 16 Aug 2023 02:33:45 GMT

GET
H2 200 jquery-migrate.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 13 KB
5 KB 21ms
19ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217561
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2023 02:33:42 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UpXAHmyLk7oZd%2BSFnkQ6znO2ONSaOC%2F1YtSbHddCPEaCUcLaaEILg2yK3UiGYSbaIy3wczV2Vbx8rjqYmkOgkefh0UDBEXokLgattBgFMcWUmxZK4CMTmR7P2%2BqH4zNpgBlvPefCXZGMd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158260ef29fbc-SIN
expires: Wed, 16 Aug 2023 02:33:45 GMT

GET
H2 200 cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/ 2 KB
3 KB 18ms
17ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:36:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIsNqXwwsQUC6m%2FoZXIsn%2FKXUSqXHyveg%2FdQ%2B8oinDI%2FHyQRXITs%2F6Vq3EdiKW%2FewNGVz8QfTiAGYwogH0tkkEmd8P200OuXFottfNWcItCVbX6pE%2F7MniFZYORjJNWps%2BartAk%2BW59d4J0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fab9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ 3 KB
2 KB 37ms
8ms Script
application/javascript 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:57:50 GMT
content-encoding: gzip
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 116
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: RGOQzt9mgyeq64c8MIF-VZ9qSTjLZdws_6hh8YLb2hzeCuRgN3e5mA==
expires: Fri, 11 Aug 2023 15:07:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 853 B
879 B 57ms
40ms Script
text/javascript 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5d36bde5c88fa4187ecbcb56443426ddd97251e1026a7456a54180634a563f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 559
x-xss-protection: 1; mode=block
expires: Fri, 11 Aug 2023 14:59:46 GMT

GET
H2 200 output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 9 KB
10 KB 89ms
88ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256899
x-powered-by: Niagahoster
content-length: 9505
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZcXBgKdKAb9b%2BorCZbPsbADsg%2F1K4dL4XRnuPRYR9iVb7JSuyHlKBK6hcO53wxfEYz3RmBckQ%2Fg9wxa0OdIW4dv7wzLd6t8o45eOVuOIY3HuDGBkl7EEp%2F%2BlxYMRAiuIPxyxaLeMNcvcLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fb09fbc-SIN
expires: Tue, 15 Aug 2023 15:38:07 GMT

GET
H2 200 htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 73 KB
73 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445903
x-powered-by: Niagahoster
content-length: 74563
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:47 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQevl62rob8aaj4zaE7c63T42Gz7kcGJVYUblsR%2BW0k5o87Eoc9CqQGg001uZZOHvAaN43AlGgSUwDCKoqSBxR4RfTRkT8Sb3Shgblc0Hc4tJezoAcD7t1%2BncW0QmFlf48ZaWwPixogC5%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158260ef59fbc-SIN
expires: Sun, 13 Aug 2023 11:08:03 GMT

GET
H2 200 htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 84 KB
85 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445903
x-powered-by: Niagahoster
content-length: 86224
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLWvCmdq%2FNyRBCFJBv99hu3ceItTcIIAJN0g%2BvCldbg%2FwLGkAT2CB9XdRQ8zyzQ%2Fm%2F8dHyzE6zWCjrGzpl4lbGah%2BWUpNkEYxObAd6a3gERKq3oy598g7U%2FXub4jbRi%2FHR8MnE3slgr2qUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fb59fbc-SIN
expires: Sun, 13 Aug 2023 11:08:03 GMT

GET
H2 200 htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/ 107 KB
108 KB 25ms
24ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220960
x-powered-by: Niagahoster
content-length: 109683
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yawuWFq0Ay1NIac8guiGrqdKeTmExrg4NP%2F93%2BoUZW%2F07A34VgKYTlW1dyAvKBS%2Fr89C6U3xynO5ybtTFSHivfCWOBSjtqQ1pWcp6tZ5YObA9UknfOpj%2BX31JaOFeVMhDcrybDQgXzfc0v4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fbc9fbc-SIN
expires: Wed, 16 Aug 2023 01:37:06 GMT

GET
H2 200 ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/ 14 KB
14 KB 30ms
29ms Image
image/gif 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-length: 14474
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zfhs1kOhoXIbvWVj0ymce%2Fk5TvPmuTNFV3XpyBT7z8zIx2QQk%2B0TX9S2Yz8kGs9QWQ9qJsnEOxlZD0l5IBQ5F28oQxeiQ0RemWYxY%2BAXixug%2FMhvKfdLCXpGPOlgLuRoepFd%2FlMm3IRCh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fbe9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 10 KB
10 KB 23ms
22ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-length: 9923
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:27 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBiNqHL6RGx6W%2BiU%2BR0%2BDIK%2Fn0lb2MX02wOiGbTZHLufiqtDb1fSnRSDXvGt4Tg9UBCC5ZjtBrBkbQoPjcCMwwwDgH1CVNVa4MqbeOUC9%2F9NYA1TB3q9zWni3NVc0Rsyi6p0njiBmRqGJo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f5158264fc09fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 jquery.fitvids.min.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 2 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eARNOcQUmAaqgygsZoKrdxpaK97ZUwiL1Aw1Tj%2FrpREbvDLoeTB3lViMRsm633kLnUcNIh5dj%2FusPkjnya6oxLf0udW%2FCKH7cwQLV2GktlFigSwwDOgSsFxiQ1%2FbDi4FvHIfxQik3dUVfL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7f5158263f5d9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 navigation.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 9 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn8At7bdW%2BlAw0N8f48QZAlrY4WuPrRYvRX1PowdMVelK%2BCROiLWbzoLleJOowf6wTvkGZ7mQ9NAXg96ci8RCV6us1gzc%2BNmrmOPPL5w1rugEErkPV227GcmBffyUcoDRtlo2Zc0KnPC%2BG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158264f9b9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 834 B
686 B 17ms
15ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyUAMA0Q2UhclxyuKrH0SpIvLnKo1WoQHzuGbMnwOaYndI8RizI6qtovUUbHLbwX6wu8xu%2BU%2F%2FzThUPEJ1%2FJ3BeJWYm7XB6n4PL4ld4ifNjQ5dFFFaWPodDjJkYLNenjW2hc5gvx5KlxpuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158264fa19fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 custom.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 6 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd6US3hgSs5P76QailgB4B7cN0092zMGnZjnhg%2Fa7jJ6yUgHmhTXl1CPcPgOqJsBAsboZK8iW5rYFRgamf%2BbGu%2BYQSLb0R92C3jqz%2FDVilyx03CM4ZYNo%2B6v53JZz6KrtoX95BBxo0N95fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158264fa49fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 html5shiv.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 10 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58c8IelVSJb9az3V4Ty%2Fq8uHgRq8cNYYNXlNbeGM74skDISct%2BcdfOxFNDlYkr1NDaUMaO98Az3H8oAoVRlSLSfYqQawjvc4%2FhWVSKfzia0iMWtDMYFNackf5kkmOTlL6p8p9fQ8gLyVrPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f5158264fa89fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
BLOB 200
OK 0a4687d4-a212-49d0-b940-a0935824d21b
https://mbantul.my.id/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mbantul.my.id/0a4687d4-a212-49d0-b940-a0935824d21b
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 20ms
7ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 02:45:53 GMT
x-content-type-options: nosniff
age: 44033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 02:45:53 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 25ms
11ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 13:00:46 GMT
x-content-type-options: nosniff
age: 7140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 13:00:46 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v12/ 24 KB
24 KB 21ms
7ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:30:04 GMT
x-content-type-options: nosniff
age: 37782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24520
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:30:04 GMT

GET
H2 200 fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/ 74 KB
74 KB 13ms
13ms Font
font/woff2 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447079
x-powered-by: Niagahoster
content-length: 75728
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2YMzLIKgNsm1FQ9zYA0M64OERHR0rcHv88ZyxbMPMwszKjPORfqmoqTGVmBKLJP6eg9d%2BNhRW%2BzKCsCVOlqT%2BdDKMiGmFPatUMEd7w%2FUaRTr2pfmv2%2F6%2FzVg2dZNuxdfhNujLOK6pdGAGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826880a9fbc-SIN
expires: Sun, 13 Aug 2023 10:48:27 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:54:44 GMT
x-content-type-options: nosniff
age: 101102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 10:54:44 GMT

GET
H2 200 htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/ 87 KB
87 KB 18ms
14ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445903
x-powered-by: Niagahoster
content-length: 88613
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSfcvSUAID2yN2XcgW5BocAjv3j3nylv1onuk%2BfkC0%2BVQx4N2fojMnu7t9TMJIA6U8AhC99N%2F78869aQOYSv2By4D61LE68NFXNhA0HlaEsj2XaDQ%2Bar4q2LQbHs9DHoI91mVNn5usqZyUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a8229fbc-SIN
expires: Sun, 13 Aug 2023 11:08:03 GMT

GET
H2 200 htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 14ms
10ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445903
x-powered-by: Niagahoster
content-length: 83210
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNTUlPBNNEdG6JfFpRiehBkc43seI7xbHYwt%2BlLWm7Nkn%2FFRg%2Fy76l5mWhAO6C2xh4zDiTQSB2bpur6OIht7hRdVnvTxR%2BFMUWQn6otsADjGGEO5EYcVqluQkv7t0D3gdCl7Raw%2B2ljYxV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a8259fbc-SIN
expires: Sun, 13 Aug 2023 11:08:03 GMT

GET
H2 200 htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 62 KB
63 KB 31ms
28ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244650
x-powered-by: Niagahoster
content-length: 63746
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOZwzP%2Bfa45Oqzc4prmCL%2F9kIheUYPEcE7v0qoORWvGZMg9ZMma7itDblgfNr28aWjZ%2Fm4nuCoSfW7H8O0K39n2TSTEnLjSUHIob32jMJgLsJvLAWjQeiO%2FxpAlx4Q%2B3i9bWdt5kh5zeBpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a8289fbc-SIN
expires: Tue, 15 Aug 2023 19:02:16 GMT

GET
H2 200 htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 78 KB
78 KB 20ms
17ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445903
x-powered-by: Niagahoster
content-length: 79469
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzajNvnmhFr99UqTh5RUVEXOLEsO80xBhFBqVfVAnoFk7Nj6RivI%2Fs8N6%2BExerbdd3lw6jXPUanltFfUOl%2B2X5yU%2Bwbd1mM4lzSnIzSLb0MosMK0A3A5pMBatveKfybIFsBD29ol5HTMEFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a8299fbc-SIN
expires: Sun, 13 Aug 2023 11:08:03 GMT

GET
H2 200 pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/ 34 KB
34 KB 21ms
18ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446775
x-powered-by: Niagahoster
content-length: 34306
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:55:01 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4q6Jbm8BqTb0VHvrov1TE08rvpjvBa6b7GUAITKFYL5PU4W6cukfAzzF0XS%2BGWe51vfVF0bjWQjvvbVzyMniJviDf57gdcZbGa%2BOis3kI1cz6GmqWtKqPWYy1aFVxF3snmHOezTHT2Rlwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a82a9fbc-SIN
expires: Sun, 13 Aug 2023 10:53:31 GMT

GET
H2 200 htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 27ms
24ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445890
x-powered-by: Niagahoster
content-length: 83351
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNvexx7tD0tBEMQFq9LhEaz7VqtpnixQnEEzowxML4GPPqTKCSQBjh6V0zYKzN7dwdevxoOuy%2BZf7PwkHPyKirBWgEVKgvQMF6VCHXPkpzH42jQ2sVTzXtB7QAdeXyeSkJvLTjRqUeYYwAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a82e9fbc-SIN
expires: Sun, 13 Aug 2023 11:08:16 GMT

GET
H2 200 htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 80 KB
80 KB 24ms
21ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445890
x-powered-by: Niagahoster
content-length: 81955
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szyn%2Fq0AflLHkOsgBLDhLOGAYIfh%2BU6sNAutqOA%2B3bnRBLkebzOD37NnIwEJGmtM%2FhFZY82eeT3lISmoElMS8UdQHt4IOjdlf7KNOa3FO6brLJio%2BJCRghkQZgNoCrwD7ed%2BTvbuFrJm8lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f515826a8349fbc-SIN
expires: Sun, 13 Aug 2023 11:08:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mbantul.my.id/wp-includes/js/ 18 KB
5 KB 25ms
22ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.3

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217497
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 23:23:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml8s3EHA8PWAWYKASHt9ivaSbuZt8DkGlyaajoFqedehXWDdw%2FB2kg14VvjxDUYLpnGGvfgFLa7M6QuimP5HANDLnIRY5PQU%2FOBY%2F4oIwZBD3VTLJtn1aOgFxJ0AKVDoLHi3m%2B7qUD8A7jw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7f515826a8359fbc-SIN
expires: Wed, 16 Aug 2023 02:34:49 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 448 KB
179 KB 24ms
5ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa7d777a46619674ed1127a215e4fd9602470172e2f4f38925bbd348ced1e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182763
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 10:51:09 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 95B8 55 KB
31 KB 22ms
22ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=ld0rb8gtbazq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ad7e6ef7af6bbc3b0c46fbff557f61e514e72a3ae03596a4c42a04f7ca033ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5GPrxsJ61i7tXDDFi0cuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31478
content-security-policy: script-src 'report-sample' 'nonce-z5GPrxsJ61i7tXDDFi0cuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 95B8 55 KB
24 KB 15ms
7ms Stylesheet
text/css 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=ld0rb8gtbazq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 10:50:19 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 95B8 448 KB
179 KB 14ms
6ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa7d777a46619674ed1127a215e4fd9602470172e2f4f38925bbd348ced1e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182763
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 10:51:09 GMT

GET
H2 200 8e606d93-713b-41ab-8a38-28505529c9a1 Show response
compass.adop.cc/RE/ Frame D004 9 KB
4 KB 101ms
98ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 318c34c8885f1ed615ba45b8de1c942ec9e31afa35529764ab28d66815c3fcaf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: gzip
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3019
x-amz-cf-id: AjHzqbzE29PpOdSLci7GcUOSNBnFR8IaRDk3TgryXiUCeHQle5vhug==

GET
H2 200 ee2791d8-e821-4cfc-aae3-2e1c82f20b9d Show response
compass.adop.cc/RE/ Frame 6670 9 KB
4 KB 98ms
98ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=UItfifFoshwApbsCadfEeFlgiHnikcGR2a3RLczNYZkhYelNKWUVxSnh4WmFVbWo2Zkh4aFVlSmJpUWlwNytaQnB1Z0dCa3RPVGNRcmxFcCtTNmZZWg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: c53c5a4d720498bbea07932cc462185c707adb2193ca6f9213732adc96a4027f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: gzip
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3018
x-amz-cf-id: gnJ4a3ebMmCNhnp2Uy56ujAei3kMnJEFKBZPgdmFmG3z8s-cqO_-Ew==

GET
DATA 200
OK truncated
/ Frame 95B8 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 95B8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 95B8 2 KB
2 KB 6ms
6ms Image
image/png 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:48:41 GMT
x-content-type-options: nosniff
age: 101465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 17 Aug 2023 10:48:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 95B8 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:26:35 GMT
x-content-type-options: nosniff
age: 37991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:26:35 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 95B8 105 B
137 B 9ms
8ms Other
text/javascript 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cadd428fe840895f57dbfbd27c821fb7e52596904c925fd7922743064a7f6da9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=ld0rb8gtbazq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 1; mode=block
expires: Fri, 11 Aug 2023 14:59:46 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 6670 18 KB
8 KB 536ms
175ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Aug 2023 14:59:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11077
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-maa10227-MAA
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6670 84 KB
28 KB 31ms
16ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb75db321d87f452b1faf9656c5b44adf47add2c1eb65cdefb9f778cde5aa02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28363
x-xss-protection: 0
server: cafe
etag: 931 / 19580 / m202308030102 / config-hash: 12276432540543883836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 14:59:46 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame D004 18 KB
8 KB 535ms
175ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Aug 2023 14:59:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11077
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-maa10227-MAA
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D004 84 KB
28 KB 37ms
23ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27e5cf95b8e43d8208d5e7853c6380ba1791383260ac1db64c40952f14effe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28363
x-xss-protection: 0
server: cafe
etag: 689 / 19580 / m202308030102 / config-hash: 12276432540543883836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 14:59:46 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 33F1 7 KB
1 KB 9ms
8ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad1ce05c12fe035ca10b93e8db9cb2d4064d81d96c1d838d904a98899e90bb20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ud4-CqL1byuFZYj83FMw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1161
content-security-policy: script-src 'report-sample' 'nonce-Ud4-CqL1byuFZYj83FMw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 33F1 55 KB
24 KB 5ms
4ms Stylesheet
text/css 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 10:50:19 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 33F1 448 KB
179 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=3kTz7WGoZLQTivI-amNftGZO&k=6LcAN20nAAAAACwcLzyjXwhJeAT_BGTbh0Bh4gRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa7d777a46619674ed1127a215e4fd9602470172e2f4f38925bbd348ced1e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 10:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182763
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 10:51:09 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame 6670 0
140 B 295ms
89ms Image
text/html 2406:da12:fbe:4200:bc16:21c4:c20c:caf1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwODExMTQ1OTQ2IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDgxMTE0NTk0Ni0xNWI0ZGU1ZjlkMjY0NzNjIiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6ImVlMjc5MWQ4LWU4MjEtNGNmYy1hYWUzLTJlMWM4MmYyMGI5ZCIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNS4wLjU3OTAuMTcwIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA3IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA4MTExNDU5NDYiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=4ebca61b-8cf8-4b91-b33f-b5424c04a4e4&r=PHHim7O
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:bc16:21c4:c20c:caf1 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ Frame 6670 400 KB
127 KB 22ms
4ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15457
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 10 Aug 2024 10:42:10 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame D004 0
139 B 279ms
90ms Image
text/html 2406:da12:fbe:4200:bc16:21c4:c20c:caf1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwODExMTQ1OTQ2IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDgxMTE0NTk0Ni0xNWI0ZGU1ZjlkMjY0NzNjIiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6IjhlNjA2ZDkzLTcxM2ItNDFhYi04YTM4LTI4NTA1NTI5YzlhMSIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNS4wLjU3OTAuMTcwIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA3IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA4MTExNDU5NDYiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=cfaae875-89ad-4624-b24f-4c6727e1192d&r=Kj7QD87
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:bc16:21c4:c20c:caf1 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ Frame D004 400 KB
127 KB 16ms
14ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15457
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 10 Aug 2024 10:42:10 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 6670 732 B
557 B 178ms
174ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Aug 2023 14:59:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13172
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-maa10227-MAA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame 6670 112 KB
26 KB 75ms
41ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: ZWQC73WE1HP8KS8Y
age: 1221
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f51582cdedd40cb-SIN
x-amz-id-2: /au77xSQii4FfSqCfLHHja+QKYU1UnNIONzAQ1bIZpS2kUKEl5S226Auu3SOiSmt6VnoGpIZnZGy6YXocE06hQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame 6670 1 KB
1 KB 319ms
303ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 8743aa8554bce6a53c6a6397d8a1a717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame 6670 38 KB
12 KB 63ms
6ms Script
text/javascript 13.224.249.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-77.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:15:11 GMT
content-encoding: gzip
via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 9877
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: cV0YfnCbtohh8Gri5vTOetpGXijXZSihHB0-5XHcpGhIZDCv7SUIaw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame 6670 2 KB
2 KB 47ms
4ms Script
text/javascript 2600:9000:223b:f200:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:f200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 11 Aug 2023 08:19:25 GMT
Via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 24024
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: yG45dq1OTp0oZ-hMl7KNIraBKml7ow3ZFce8fYRDm526bJYlHRTOQg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame 6670 24 KB
8 KB 23ms
5ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:10:18 GMT
content-encoding: gzip
age: 1453769
x-guploader-uploadid: ADPycdsvRflw_eqekxK8jzFhf2OULv6Ab4QZ0WY6fPfSdgSszVxcPPsD7JARej0YAwDQ8m3SRNEEe4vuOV79W9u44vxHtpDLQFO9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 24 Jul 2024 19:10:18 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame 6670 43 KB
13 KB 20ms
7ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Aug 2023 14:59:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6670 35 KB
14 KB 387ms
387ms XHR
text/plain 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2813662435063224&correlator=4233067708224641&eid=31076398%2C31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_300x250-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1691765987306&adxs=650&adys=2104&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=2hdu77hl0scx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=470903099.1691765987&ga_sid=1691765987&ga_hid=1729210271&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY36_xqJ4xSABSAghkEhkKCnB1YmNpZC5vcmcY36_xqJ4xSABSAghkEhcKCHJ0YmhvdXNlGN-v8aieMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjfr_GonjFIAFICCGQSGQoKdWlkYXBpLmNvbRjfr_GonjFIAFICCGQSFAoFb3BlbngY36_xqJ4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjfr_GonjFIAFICCGQ.&dlt=1691765986519&idt=760&adks=2500540231

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b58087423e46b2f214e91c304ae0d41854a27d56a1702227f033fcef16e5c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7A0 6 KB
3 KB 34ms
5ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Sat, 10 Aug 2024 14:59:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame D004 62 KB
23 KB 8ms
8ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2636cca6fd2ffd484e21ad5d3e1b9fab2d89378e756e8945574f8ed0def8131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1050
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23834
x-xss-protection: 0
server: cafe
etag: 8817035236017185747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 15:42:17 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D004 38 KB
15 KB 402ms
400ms XHR
text/plain 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=26414409724089&correlator=4316130773178960&eid=31076923%2C31075148%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1691765987340&adxs=632&adys=116&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=ysj4qmop2d9p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&rumc=26414409724089&rume=1&frm=23&vis=1&psz=336x0&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=689769865.1691765987&ga_sid=1691765987&ga_hid=312484334&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY36_xqJ4xSABSAghkEhkKCnB1YmNpZC5vcmcY36_xqJ4xSABSAghkEhcKCHJ0YmhvdXNlGN-v8aieMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjfr_GonjFIAFICCGQSGQoKdWlkYXBpLmNvbRjfr_GonjFIAFICCGQSFAoFb3BlbngY36_xqJ4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjfr_GonjFIAFICCGQ.&dlt=1691765986510&idt=815&adks=3298229207

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f41347b3d09e028c793b27dff37c6106839e039cd9e0c4a20cbaa07daeefc70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15239
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F44C 6 KB
3 KB 10ms
5ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Sat, 10 Aug 2024 14:59:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/ Frame 6670
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

85 B
202 B

209ms
209ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: d2248fabf061c440fa50bd2386724bcb12a10c1260eb32f89b8bd30f3d4e25ec

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-6aZMoX5WSX57tBZo74Yi/xMuC98"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mbantul.my.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 11 Aug 2023 14:59:47 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mbantul.my.id
location: /esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D26A 15 KB
6 KB 20ms
7ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 421192
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 6670 235 B
694 B 37ms
22ms XHR
application/json 52.220.12.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.12.162 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-12-162.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e3e865006ba6a76d79b9eeb0886729b5f0a97005f943aa75859f6bf400e12ef8

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache
x-server: 10.42.10.198
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame 6670 0
322 B 507ms
168ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mbantul.my.id
date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame D26A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=iLrL1nwwOUhIdXp4LzFxVEdNWDRTTjJMbEZIazZBaDlSeXBYWGNDMDVobTZ1UUFBeE52TXNsSWlud0dKa2h2UStyTTJpQTVJeHJxUVRBMDEzL2cwZk11eGFaekYwSENqVHpVSzI4b2tRMi9BQXkreVA5YnE0empKNEhvK3...

441 B
657 B

25ms
6ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iLrL1nwwOUhIdXp4LzFxVEdNWDRTTjJMbEZIazZBaDlSeXBYWGNDMDVobTZ1UUFBeE52TXNsSWlud0dKa2h2UStyTTJpQTVJeHJxUVRBMDEzL2cwZk11eGFaekYwSENqVHpVSzI4b2tRMi9BQXkreVA5YnE0empKNEhvK3pld09MTkhDbURHdlQzWUg5WlhjRnphTDlrbElxYXQyVEdka0g5TFg4MTllOGRnK0wzcWFleEhTR213WFhoNkdzTStrVzErcnJvUkZSYlB5QzNac0Flc3c2c2NZczMxNWc2cEdXOGhzZjRsQ0tLODNGTGdGYmdaMlpsdXlXb1ZoRHFJbHlGU0lPQklaREU2SDNud2hiNnc1ZnYvSUR5dz09fA&cppv=2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5525174941143614b9d0afa89bcdf897197eb31ede6d320b326e1ecb7b1b3aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2168280
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=iLrL1nwwOUhIdXp4LzFxVEdNWDRTTjJMbEZIazZBaDlSeXBYWGNDMDVobTZ1UUFBeE52TXNsSWlud0dKa2h2UStyTTJpQTVJeHJxUVRBMDEzL2cwZk11eGFaekYwSENqVHpVSzI4b2tRMi9BQXkreVA5YnE0empKNEhvK3pld09MTkhDbURHdlQzWUg5WlhjRnphTDlrbElxYXQyVEdka0g5TFg4MTllOGRnK0wzcWFleEhTR213WFhoNkdzTStrVzErcnJvUkZSYlB5QzNac0Flc3c2c2NZczMxNWc2cEdXOGhzZjRsQ0tLODNGTGdGYmdaMlpsdXlXb1ZoRHFJbHlGU0lPQklaREU2SDNud2hiNnc1ZnYvSUR5dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 415915
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D004 15 KB
12 KB 25ms
13ms XHR
application/json 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e94d0eac610d8c99cd0abdb21aae42740710dc3e2f2ec11b9d3e07d4d025ad93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11691
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D004 0
349 B 58ms
49ms Image
image/gif 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=mbantul.my.id&doc=complete&pg_h=280&pg_w=336&pg_hs=280&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D004 17 KB
7 KB 20ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 14:59:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73A1 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 101280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 10:51:47 GMT
expires: Fri, 09 Aug 2024 10:51:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D29 831 B
556 B 10ms
10ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3664655d94593fff8060cebdad412a5ca386f67c7ab61db60a0dc385ff9009b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PBcBHdi2QNXfWTZVIFTWVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-PBcBHdi2QNXfWTZVIFTWVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Fri, 11 Aug 2023 14:59:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D29 0
0 45ms
44ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=26414409724089&rc=null
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 73A1 38 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 02:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 02:42:27 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6670 15 KB
12 KB 14ms
12ms XHR
application/json 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d874d64c1f77a2cf9dc17a325ee07e77411faa03d3b7796d5fefc2e386f048c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11741
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6670 17 KB
6 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 14:59:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 934F 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 101280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 10:51:47 GMT
expires: Fri, 09 Aug 2024 10:51:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0152 831 B
555 B 8ms
7ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f128df111bf5ac205089665a278fa7bd2db5009c33af58d3d5514f7b9d0a4dd6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oZNd29YWU4otVD2rToKlRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-oZNd29YWU4otVD2rToKlRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Fri, 11 Aug 2023 14:59:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 73A1 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ub-74A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0152 0
0 53ms
53ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=2813662435063224&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 934F 38 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 02:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 02:42:27 GMT

GET
H2 200 container.html Show response
0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D107 6 KB
3 KB 5ms
5ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Sat, 10 Aug 2024 14:59:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 56B2 54 KB
21 KB 28ms
9ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAFXnYAtybYAATcfD4cJuc6W_vE5NkEng&u=%7Cfanwp6LWOW3zsYKnaPv50QSblF9va%2BMnFs7RRw656wM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmA9llQ_Xes2qU2a4r4HNlkvtg--F4tRVoAXfYhIl94JM530Vj9L24BdDB9KKZu6VbilVQ5NWPZj1exteyAVpawXOB84MXRFURev9JGItvgJ4DbSAbp3TSteSuw8vOSJZvhkGQ3JvvE0J-RaCMXKERFSnlplllkcgQj4hDeSpJeL7RdrKFN91NfLXxSRcPaUK7J3YEIjRj0yVWMBX1KQkKBh44rbyclXWyyQJsGuGjX6G7khGKWYVejtjwVvE3Qd2PMLrmSclDCQ26Cui4S1MrCehJzWNfvRLrThgW1mbc3OO-iEaR5YLuu-2cuEqZXEGMB4xIFKpB7vAOqI2SedWus1BxiPp7I7bzqUrBpnaUnTDCVvpFFsFfzFP7e70ZLoJwk6xiziW0EKaM5318IEHP9ghievkd_Cgu9m_nf7K3GwGg2v1gS9wc4RyDd85HiWyhzhZUGGpa32sqmonl_x9StuLG0gJTueymdY_B8O_IwuCoiI8y7f_7shPAOLEkAU14uhfEvyaoPsad-byJSAI3p4SJrPvMmb_nWimC2Z7KJpRMUNJIzNnxZXFpEAalv29R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1_q40zWZPa8FdjN3LUP_LiT2AK91O6wXPCvxL59wI23ARABIABgnQGCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEsQJP0HW_aFnq_AqYFY4cS4utbwoNmMn50DgplAhGLVwikDRQr6w_Vdb0-VfxXe8gv4OepcH-pRuNZAjDLXf6_BHwKaHQIZMygBrXrJffsZ3f2LDUPPtdl4hyu69gafxHntogVV1DpKx2nevInprBipOQHBguYhXygaEY3Lo8TkNqNaJQkP8LftCKNy-C5iBDoLmZOxP--zYVcZLWJZTELiQirn415Z3_rLTBRpTY58C8U4OkD2pK1Ma-7wt4oTRx6fH02aQ6-r4LHXMN3Qw-R49jL5L7AJi-O4-m_dQY4je6xxfg8S6pVYKbGh75LGq7cbyO7jmNWqbXi2-ONfWf0nZkzz-7IJZISWEECZEH1mz2gkZMbszHZOY8QfwEWcfGrVUhj5nriqByRRPwIVWOPP5Az-AEAYAGtdGJ0_-d29AeoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rMQiWe3Xp9D-wuv4_p0SEM5vuQg%26client%3Dca-pub-5111137191506013%26adurl%3D

Requested by

Host: 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

fcaccc2480a08f03bdb012a64e5149acb0ecb817e9b5e4c9ea728f8b9c0bb71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=y-hFzweez5UzMrRau6xQnbnExr87ZBUUffWjyNPlTrNkRrDvu1o9W6N4qKF0xx8xBJASptf3FO9lOnai1j2I6mX2g9WMbvopm35txLa68kN-SYXqRiWqErhZN1a-fbz4uY5jse_ZoAjCZyMPILddMwDyYHjVDXVdMfzEIies3iAmYU6ehxzC5vuF4joECnz8-8ISeE2GL48g7MQt7PiP8KToxM7EYQRjDh73u_xMqqEpKJgmdR8J3gMvRqW8jjmRQ_GbrA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4715619
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D107 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 10:59:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D107 20 KB
8 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 10:57:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D107 24 KB
6 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Aug 2024 07:22:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D107 179 KB
57 KB 154ms
152ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 14:59:47 GMT

GET
H3 200 container.html Show response
57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C757 6 KB
3 KB 5ms
5ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Sat, 10 Aug 2024 14:59:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 56B2 2 KB
1 KB 5ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAFXnYAtybYAATcfD4cJuc6W_vE5NkEng&u=%7Cfanwp6LWOW3zsYKnaPv50QSblF9va%2BMnFs7RRw656wM%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmA9llQ_Xes2qU2a4r4HNlkvtg--F4tRVoAXfYhIl94JM530Vj9L24BdDB9KKZu6VbilVQ5NWPZj1exteyAVpawXOB84MXRFURev9JGItvgJ4DbSAbp3TSteSuw8vOSJZvhkGQ3JvvE0J-RaCMXKERFSnlplllkcgQj4hDeSpJeL7RdrKFN91NfLXxSRcPaUK7J3YEIjRj0yVWMBX1KQkKBh44rbyclXWyyQJsGuGjX6G7khGKWYVejtjwVvE3Qd2PMLrmSclDCQ26Cui4S1MrCehJzWNfvRLrThgW1mbc3OO-iEaR5YLuu-2cuEqZXEGMB4xIFKpB7vAOqI2SedWus1BxiPp7I7bzqUrBpnaUnTDCVvpFFsFfzFP7e70ZLoJwk6xiziW0EKaM5318IEHP9ghievkd_Cgu9m_nf7K3GwGg2v1gS9wc4RyDd85HiWyhzhZUGGpa32sqmonl_x9StuLG0gJTueymdY_B8O_IwuCoiI8y7f_7shPAOLEkAU14uhfEvyaoPsad-byJSAI3p4SJrPvMmb_nWimC2Z7KJpRMUNJIzNnxZXFpEAalv29R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR1_q40zWZPa8FdjN3LUP_LiT2AK91O6wXPCvxL59wI23ARABIABgnQGCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEsQJP0HW_aFnq_AqYFY4cS4utbwoNmMn50DgplAhGLVwikDRQr6w_Vdb0-VfxXe8gv4OepcH-pRuNZAjDLXf6_BHwKaHQIZMygBrXrJffsZ3f2LDUPPtdl4hyu69gafxHntogVV1DpKx2nevInprBipOQHBguYhXygaEY3Lo8TkNqNaJQkP8LftCKNy-C5iBDoLmZOxP--zYVcZLWJZTELiQirn415Z3_rLTBRpTY58C8U4OkD2pK1Ma-7wt4oTRx6fH02aQ6-r4LHXMN3Qw-R49jL5L7AJi-O4-m_dQY4je6xxfg8S6pVYKbGh75LGq7cbyO7jmNWqbXi2-ONfWf0nZkzz-7IJZISWEECZEH1mz2gkZMbszHZOY8QfwEWcfGrVUhj5nriqByRRPwIVWOPP5Az-AEAYAGtdGJ0_-d29AeoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rMQiWe3Xp9D-wuv4_p0SEM5vuQg%26client%3Dca-pub-5111137191506013%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 56B2 2 KB
1 KB 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 56B2 308 B
636 B 12ms
11ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 56B2 293 B
621 B 13ms
12ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 56B2 43 B
348 B 22ms
6ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=hCVsIdfFtb2RhbTUppcwNzUd8_mcVRq2JRILDlPWJi7h9VPBXnC81dua45Pi7uVaVJdq2EG-KDSMJpUoOmPHH8cKqr8AerEcqtzlZ5hBJpKgxVpryu8Ld-b0Yqa5V80QabLdT44tKGK-9n5E4lxt5EBu2CKIdbeK6y3_NRN2jh015t0aZmwpb1fhQh-59JrbIYxtH6fpAIBYoEYamut_HA7hLwKCuzHsxOdHieKK88bh0zmWCzqo9E3zoAC4geQPDP5C3ewRGFSDZ5VpSwXFvSBHS6Q_10iI_EzVWWnEYBhUry0ic9fUIBOXr0Pu9JIF4DcqkH62g-CY_jP_qx_fsbDGQ-iNPtwvd97hfUs0G2dmdYbMksdUnojlw8AFkzTCa0EUsXnz7RCbSEjoaqIWr2ndYndB56p5-YHhB01k4d82r9k9VikMDJ1q3J4Wk18oYRoRes1I0R89iFdZdq4-3qfO0YQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2276566
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d43baa8f15f54cacbddaa737b616a700_image_ad_300x250.png
static.criteo.net/design/dt/87969/230228/ Frame 56B2 72 KB
72 KB 7ms
6ms Image
image/png 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/87969/230228/d43baa8f15f54cacbddaa737b616a700_image_ad_300x250.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e6ee9369b125c6e19411797a037a7d86423b868e818bb11228f0c34b5597a94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 28 Feb 2023 07:50:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63fdb25e-1203f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 73791
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame BF7C 52 KB
20 KB 11ms
10ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAF1UcCrJLEAAfF9CY8Sn_Cer5c1OqT3w&u=%7Cfanwp6LWOW1GeiGNS7IbWp2U%2FkxXRdei%2F7qYtd34CKo%3D%7C&c1=0n2XosTo5cliKCnvh9OE5qMihxmS30GoynTbqg7vybkYL3UpLSdlBjBZjGg_Kp79HT9amFzbVt6MuEexMytrr5b5FrhG7Tr4ez4AQ5_Sf_1p5Glcsg2EKMD418t3onzQqMjYFwRi4MLi0lslqATooV6iuwX0KH0vGVKKFBeoHo1zPK8DgaJ0DusQ1xihC2ueMSc0qhiHFtkw5pSXb0e29CYF7OksFdJuRo0_k2KkBd3oIMsQt1NiYtf9YJC3wG3qdrhi3BzrwY4L0EKh2yf9gw3l8Bt8jqSrsL9NVznUTg7NY0Z8rZh69dHROjijGWyr1TQeZEOrc8r8o2RiP1h-9s3jDDfWaMbndRbUOLc_D9qg8KAfXPBBam0nivEkHPoRgC8aVLfDc6A-CZX4SGwnUxmZzrbYRb0LqRI26xSHh3znDF0s3wtQJBEmy4vaPt1gKILw0rPZ0LyYMrpoEXFgBnQsUR0gk8b7TO-IVIY6Na-LOv52RAETf9ynoUvI_4ZJtFP0nlJWAhgGUdkqSP-8XhHnE70295MkmIQohlAIqvxa_5Z1C6f3dpxjp6HVaGmWsvMRLPWBzvoTNGcto6W1MRdfS4uLbg76JPPEd4YyJd0LkYOfQ2nCAW5Ahdh1_Xz_4KoxIinqj9Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUw840zWZMeqF8SlssUP9IufiAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEpwJP0H7CKluPodEAREfhOIX515F_T1FhqJLe6q3Y2PdlqSzV2KRCeOJkNAACXJIDrW952u7H4-dQgAIxkuxKEbiTMJTJ18lP7WSq7FNWTGF5uFbvBBjNbTEckZk2roWlBlBbE4sqRNXFih-A1Fs_7Ty0Gin0HK4A3lwGHG0FQ1RH1XMH8YcwPoN0afLVdepSfb1xJXs1RRNSSiHgcdbIEG_e7FeWkAC-fri6SbTvUrMAHcWlPBJEVhnu1-OzcXy6IU9dhdh_D0OhxAsJDwTR2eG8BwbuN4HP_yPjI2bROHBuBia_OWVopsuhkRAJ3Odw-tRChYpnk_Bt0T9y-1d8Zx_yeOCB0ePwjtfMY3ASNaOQ6pCjlFxvUlbqcpeSSq5UzrHJSIVUDUKR4AQBgAa10YnT_53b0B6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nau0s0_QgDL6uvTyrZ6piNMwnEg%26client%3Dca-pub-5111137191506013%26adurl%3D

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

be02ce4a0bce594fd274376adff6dcae5cca7d913c51e1b9615f89b7ad0136de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 14:59:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=NXxGfAeez5UzMrRaTrR9gC3CeH7J1Og6E12moMlqVob6pC7IQMNBLcxHVT41fiuOYThItgHgucPCV6l0o1vvrqyWTL68d-e4bKEfXe17Px5Imnuf69rsl9W6VWdHPo6QGNC8PWjCLz5Umop5oSoKcX0xGqF7KLT0yOoxXoX_NgjaKHD2sT73ClXP9xIffEEr8l1SU55TdCk5i7ui4O7AYUutcvrfvdqaZpqqGeXp_7pNcPitFlF-J_EAapTFhH_r4uprNA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3668111
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame C757 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 10:59:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame C757 20 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 10:57:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C757 24 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Aug 2024 07:22:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C757 179 KB
56 KB 51ms
51ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 14:59:47 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 56B2 0
128 B 21ms
3ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=y-hFzweez5UzMrRau6xQnbnExr87ZBUUffWjyNPlTrNkRrDvu1o9W6N4qKF0xx8xBJASptf3FO9lOnai1j2I6mX2g9WMbvopm35txLa68kN-SYXqRiWqErhZN1a-fbz4uY5jse_ZoAjCZyMPILddMwDyYHjVDXVdMfzEIies3iAmYU6ehxzC5vuF4joECnz8-8ISeE2GL48g7MQt7PiP8KToxM7EYQRjDh73u_xMqqEpKJgmdR8J3gMvRqW8jjmRQ_GbrA&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 14:59:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 56B2 2 KB
1 KB 4ms
2ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9004 484 B
726 B 23ms
9ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 34a46ee71ff3fb9c16ea37cd9ac75f20b8d3a4c54afcc94e607322c53cc26e1c

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Fri, 11 Aug 2023 14:59:47 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BF7C 2 KB
1 KB 6ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZNZM4wAF1UcCrJLEAAfF9CY8Sn_Cer5c1OqT3w&u=%7Cfanwp6LWOW1GeiGNS7IbWp2U%2FkxXRdei%2F7qYtd34CKo%3D%7C&c1=0n2XosTo5cliKCnvh9OE5qMihxmS30GoynTbqg7vybkYL3UpLSdlBjBZjGg_Kp79HT9amFzbVt6MuEexMytrr5b5FrhG7Tr4ez4AQ5_Sf_1p5Glcsg2EKMD418t3onzQqMjYFwRi4MLi0lslqATooV6iuwX0KH0vGVKKFBeoHo1zPK8DgaJ0DusQ1xihC2ueMSc0qhiHFtkw5pSXb0e29CYF7OksFdJuRo0_k2KkBd3oIMsQt1NiYtf9YJC3wG3qdrhi3BzrwY4L0EKh2yf9gw3l8Bt8jqSrsL9NVznUTg7NY0Z8rZh69dHROjijGWyr1TQeZEOrc8r8o2RiP1h-9s3jDDfWaMbndRbUOLc_D9qg8KAfXPBBam0nivEkHPoRgC8aVLfDc6A-CZX4SGwnUxmZzrbYRb0LqRI26xSHh3znDF0s3wtQJBEmy4vaPt1gKILw0rPZ0LyYMrpoEXFgBnQsUR0gk8b7TO-IVIY6Na-LOv52RAETf9ynoUvI_4ZJtFP0nlJWAhgGUdkqSP-8XhHnE70295MkmIQohlAIqvxa_5Z1C6f3dpxjp6HVaGmWsvMRLPWBzvoTNGcto6W1MRdfS4uLbg76JPPEd4YyJd0LkYOfQ2nCAW5Ahdh1_Xz_4KoxIinqj9Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkUw840zWZMeqF8SlssUP9IufiAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEpwJP0H7CKluPodEAREfhOIX515F_T1FhqJLe6q3Y2PdlqSzV2KRCeOJkNAACXJIDrW952u7H4-dQgAIxkuxKEbiTMJTJ18lP7WSq7FNWTGF5uFbvBBjNbTEckZk2roWlBlBbE4sqRNXFih-A1Fs_7Ty0Gin0HK4A3lwGHG0FQ1RH1XMH8YcwPoN0afLVdepSfb1xJXs1RRNSSiHgcdbIEG_e7FeWkAC-fri6SbTvUrMAHcWlPBJEVhnu1-OzcXy6IU9dhdh_D0OhxAsJDwTR2eG8BwbuN4HP_yPjI2bROHBuBia_OWVopsuhkRAJ3Odw-tRChYpnk_Bt0T9y-1d8Zx_yeOCB0ePwjtfMY3ASNaOQ6pCjlFxvUlbqcpeSSq5UzrHJSIVUDUKR4AQBgAa10YnT_53b0B6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nau0s0_QgDL6uvTyrZ6piNMwnEg%26client%3Dca-pub-5111137191506013%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame BF7C 2 KB
1 KB 6ms
6ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BF7C 308 B
636 B 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BF7C 293 B
621 B 8ms
8ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame BF7C 43 B
347 B 9ms
8ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=K5KDV2vKUi5pEmDDHis5012H40PSqaqkbWytwkE6qQcn_ph02RHou2orSeMpNU9Y8w9v_Buc1rCgDxXywjju-WId-oHTJ1Wmz-YFSg3Low7Xhqp1zDIRJYKk2GXxz8IndBlHPp76ZEPKBTwnGSjPZnGzeSdUyIRzFU0lNIeLbBMrUBZE0AyEowDarF2aAoA2WRbcsUXFTuxbZF7MNuvUniUNyqsFMzwMr8sqv0RIvfA_3bjdOTihW5X4eaqijeiTevuRnu4fRONHlM5iVo9N9zwpHbhFJvKNt2x8SMHIeEN6fIUPbQDr4TNz7QsY_3Ep0Jlxp5Qg_Bv47Cm9Ova5lAYgXq62q16FWQHkkElGyIoYOXe1_hm_L6MlDYzdFTMuHvqClO_gdeQkf9Mx0_F-3A1-SP-blEiq4jMSiZUDbHaU4t-OrNuIB6xyrc67g_tfS3decLDd-t84tpBPSFhQMKPs2nA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3311244
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 824975ebcc4a4cb095f2bcae798bcb78_image_ad_336x280.png
static.criteo.net/design/dt/87969/230228/ Frame BF7C 91 KB
91 KB 5ms
5ms Image
image/png 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/87969/230228/824975ebcc4a4cb095f2bcae798bcb78_image_ad_336x280.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8f9093e7e9fd452b0e872e01c404ffdf2721f59fc1ec3da3a8ac083950499e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 28 Feb 2023 07:50:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63fdb25e-16a2b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 92715
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
DATA 200
OK truncated
/ Frame D107 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecc8d5005896fbdc5671b7733527690cf89616fd0f0b96f61b8f47abd29a8fe9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9004
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a22999b-1252-47b9-93a3-5c9ce6b2eb7b&ttd_puid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0&gdpr_consent=

43 B
240 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a22999b-1252-47b9-93a3-5c9ce6b2eb7b&ttd_puid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a22999b-1252-47b9-93a3-5c9ce6b2eb7b&ttd_puid=5e0878f4-a303-7c0e-d967-e30c9f0cd166&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 9004
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNZM5MCo8XcAAOEY6kcAAAAA

43 B
97 B

8ms
8ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNZM5MCo8XcAAOEY6kcAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 11 Aug 2023 14:59:48 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.207","key":"ZNZM5MCo8XcAAOEY6kcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40288"}
X-SO-Key: ZNZM5MCo8XcAAOEY6kcAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40288
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNZM5MCo8XcAAOEY6kcAAAAA
Cache-Control: private
X-SO-HostName: a-ad40288.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-IP: 103.254.153.207

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 9004
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARk_HHDL6P2Mks8AD7Il-shFMs8AAAGJ5Rxa5g

43 B
97 B

10ms
7ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARk_HHDL6P2Mks8AD7Il-shFMs8AAAGJ5Rxa5g
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
via: 1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARk_HHDL6P2Mks8AD7Il-shFMs8AAAGJ5Rxa5g
cache-control: no-cache
content-length: 0
x-amz-cf-id: G-OsS8DomZMVzWvcKieyLGAWFjL-T4KEO9qR0xdO31BIOe-Om7A1zg==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9004 170 B
409 B 23ms
8ms Image
image/png 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzI2N2FiM2UtNmE3NC0yMmFhLWNjODctYjliNTU1ZWUxZjA2

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9004
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECmM9uUiHXgU75FwGU_nz_Q&google_cver=1

43 B
171 B

9ms
7ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECmM9uUiHXgU75FwGU_nz_Q&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECmM9uUiHXgU75FwGU_nz_Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame BF7C 0
127 B 14ms
14ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=NXxGfAeez5UzMrRaTrR9gC3CeH7J1Og6E12moMlqVob6pC7IQMNBLcxHVT41fiuOYThItgHgucPCV6l0o1vvrqyWTL68d-e4bKEfXe17Px5Imnuf69rsl9W6VWdHPo6QGNC8PWjCLz5Umop5oSoKcX0xGqF7KLT0yOoxXoX_NgjaKHD2sT73ClXP9xIffEEr8l1SU55TdCk5i7ui4O7AYUutcvrfvdqaZpqqGeXp_7pNcPitFlF-J_EAapTFhH_r4uprNA&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 14:59:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BF7C 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 14:59:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 934F 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_oF5Lw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame C757 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb5b1d6c45addb5c6c67144219f2a687183b8a72649556ccfc03e25b83f56891

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D107 0
0 65ms
64ms Image
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV0fd40zWZPa8FdjN3LUP_LiT2AK91O6wXPCvxL59wI23ARABIABgnQGCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoErgJP0HW_aFnq_AqYFY4cS4utbwoNmMn50DgplAhGLVwikDRQr6w_Vdb0-VfxXe8gv4OepcH-pRuNZAjDLXf6_BHwKaHQIZMygBrXrJffsZ3f2LDUPPtdl4hyu69gafxHntogVV1DpKx2nevInprBipOQHBguYhXygaEY3Lo8TkNqNaJQkP8LftCKNy-C5iBDoLmZOxP--zYVcZLWJZTELiQirn415Z3_rLTBRpTY58C8U4OkD2pK1Ma-7wt4oTRx6fH02aQ6-r4LHXMN3Qw-R49jL5L7AJi-O4-m_dQY4je6xxfg8S6pVYKbGh75LGq7cbyO7jmNWqbXi2-ONfWf0nZkzz-7IJZISWFGC7CVV6db7LzhE30XS1PEC-sOrM7otcWGR7ZeeB9saQtzz-DgxuAEAYAGtdGJ0_-d29AeoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MTExMTM3MTkxNTA2MDEzGNHUIg&sigh=0bkQp7axqHk&uach_m=[UACH]&cid=CAQSTABpAlJWY3O0_QRicYmV-IicSKPgqkjygk7dSg9kfdJ0pGnAR48FsBVwB-BgEOYFyrvoQLvBIi36M4RQooxuy-jOTuWlaexSbixxNZsYAQ&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame D107 0
126 B 520ms
171ms Image
text/plain 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kN7HFdj-BqwC-gHgvNldAgAAAIXwaQj0k2FkEOJM1mQS3I3p1zu8Dpg6AAASAAAKCkFRVUJEUUVCRFE&wp=ZNZM4wAFXnYAtybYAATcfD4cJuc6W_vE5NkEng&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:48 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158999
server: Kestrel
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C757 0
0 63ms
63ms Image
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvXRg40zWZMeqF8SlssUP9IufiAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAcgDAqoEpAJP0H7CKluPodEAREfhOIX515F_T1FhqJLe6q3Y2PdlqSzV2KRCeOJkNAACXJIDrW952u7H4-dQgAIxkuxKEbiTMJTJ18lP7WSq7FNWTGF5uFbvBBjNbTEckZk2roWlBlBbE4sqRNXFih-A1Fs_7Ty0Gin0HK4A3lwGHG0FQ1RH1XMH8YcwPoN0afLVdepSfb1xJXs1RRNSSiHgcdbIEG_e7FeWkAC-fri6SbTvUrMAHcWlPBJEVhnu1-OzcXy6IU9dhdh_D0OhxAsJDwTR2eG8BwbuN4HP_yPjI2bROHBuBia_OWVopsuhkRAJ3Odw-tRChYpnk_Bt0T9y-1d8Z13wWXIAGk6edHqx0qA9gFva_ZpWnXJ3wvEiXSJg9bB41jIn_euu4AQBgAa10YnT_53b0B6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxMTExMzcxOTE1MDYwMTMY0dQi&sigh=XkVA8NFu8hQ&uach_m=[UACH]&cid=CAQSSwBpAlJWreuGMFuaNltivxJEhCu97wXWv0Mxu1fRToqDuTVj30y-Xqm4o_97iJJYyFt4DQE7xmr6hL3eUlRgfJ6gJ9t5MXhg2OW_0RgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame C757 0
125 B 575ms
228ms Image
text/plain 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kN7HFYjIC9ACmALgvNldAgAAAIXwaQj0k2FkEOJM1mRf6v2ry-RGzi0qAAASAAAKCkFRVUJEUUVCRFE&wp=ZNZM4wAF1UcCrJLEAAfF9CY8Sn_Cer5c1OqT3w&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:59:48 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 117040
server: Kestrel
content-length: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C757 62 KB
23 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
URL: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2636cca6fd2ffd484e21ad5d3e1b9fab2d89378e756e8945574f8ed0def8131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23834
x-xss-protection: 0
server: cafe
etag: 8817035236017185747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 15:42:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C757 0
234 B 60ms
49ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ll6pserg&chm=1&c=26414409724089&ctx=2&qqid=CIeo4rXv1IADFcSSrAId9MUHQQ&met.4=fb.1o~lb.3z~ol.6n~idt.ai~dt.-c5&met.3=492.1q_1~492.1r~733.59~748.5k~749.5l~742.59_g~736.62~735.6c_1~740.6l~739.6m~738.6m~113.70_3~112.70_4&met.1=1.ll6psekh~6.0~7.0~8.0~9.0~10.0~11.0~12.1~13.6~14.6~15.u~16.6l~17.6l~18.6m~19.6m~20.6m~21.6n~22.5c~23.5c&met.7=CBsQCBgBMAc47wFoAXAGeIkXgAHdFIgBkjCwAQG4AQM~CBsQBSA_OI4B~CB4QChgBIEEoQTBGOAVoQXBFeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIEEoQTBIOAdoQ3BGePJCgAHGQIgBvZwBsAEBuAED~CBEQChgBIEIoQjBJOAdoQ3BIeK40gAGCMogBi70BsAEBuAED~CE0QChgBIEIoQjB7ODloQ3B2eKrDA4AB_sADiAGdmwuwAQG4AQM~CCgQChgBIPEBKPEBMPcBOAZo8QFw9QF4xrwBgAGaugGIAe_yA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D004 0
0 53ms
53ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=26414409724089&bg=!BAelB1PNAAaiGN5Pghg7ADkAdvg8WkVrU2wMbEs6lgFTzFfkF21wbId_x7PrZyzwZb8wYl4kzv-hzLRjUSl-ep3qAm5GzC_TV2ACAAAAVFIAAAAHaAEHmQLVXZhpOSw_5rRhWfY1QhhWNjPAUDGKEb_Fawer727TOH8M1oeymzjebyGKCLsOHGOLzgyULfE-K_sN14F6l4aEjG4qV2A-HaiCNv0XINUsAgKIygMuph2X_jpTjDcsyyQ9pI2OrIDuolNmoZFPEF586aqrP1ZRdmqacHMkkK9R8Z2DH36ylJV6hVFPtmhd3gLyrGSLjwMZjwdwhXNWLyI7O25dyGd1zTJdyyYXFGvKF345v1b9ayWESpGjQE7bc1bn-dxoHDOeTFJCQT2XTKrqSRhGbpqiylj-RjWE69o6lQV1AEzwMnYRnJiNJOzwYFRZ0Kzs-kaIoTUb8_I93otDrDTc2LGn7KEqCnPPsfANtWzYoUMgdHjTw-l0f329FJcv75wp9YByWc79rLQI8X7umZrDgM5BWNMot9YiYkZIatHoO8WarcJLJNGARCeiUlvMfBFcITrrLTA5NHY4c-9hnsNIiNaKKGQgmF391IffTXnlQo2_UcS0oFAPF3T0qnAR9lRkZl9MvcW5gRb8EcZvt3JVkX0U8zb8DPqqV-M3If6rpo8jujbvYrUT0RlVvStkDMJwmNrYlEeM7EqWcijk_yCiFiOUtvWO0xW0-ZZ4shEpbiMOibEgCD3zroUP3gOWS6nSCI2-w4jF1KX-GxXXQfWlN-WWACK_-BXMr33jXYSNvml5M2e9mbz4V8klKobDCKl03UF36VAZ85mQs_NmNaKEJ9lf_4vFpVZQoArBmutt1U4WCWOI5apMkrN5Iwg4jt4DbnLBCf0PxP19uFUAglivr3po0zogd0RPY06nwkfRH2HY5IVC6Rcs6zIDFVgDgji15EI4PBktGFU0JA7Y-oaw9xlzsNlqOtOPHwBibPyeKOCNpnooT3Be6eiBPKhMMq3Q_58lD8H7O1n_OeW2p03V6GkbBIxqKOCp0K-DywM5sAnt1PvpnoKPeGGheNydooCI8UA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6670 0
0 52ms
51ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=2813662435063224&bg=!g4ClgNTNAAaiGN5Pghg7ADkAdvg8Wi_9t8YiOErvLyMCN8nIPu_rk-hWs_xatzLaW_xYfKhLAcalGC9Q8eLgF4Jm5UzIHdJACsUCAAABCFIAAAAGaAEHCgB_TlHBIFp_eo8-prNt8qT4jeieWh-DHKsudAtbalD9_HW4Qr4a-dkevxAhvrNbFUL-EnjS8KcOKWuVas8mMqb4R0QxayJvSt5pOeRhJt7gI6K660TgIYSYaFQ-kCCwiZJK1M6bI1zdLfwNrFx-Ow7LgfRxqBnkV0xg2LdFq4D8NZkC330HwJgzb7x9q1bzWInw5_pORxs1YJ7_Xkg0llyyyncOTzyvFV8ItbmZLscJXJn7HY1qB3ntq3hhvG1drirKcD40U9MhF6kjmuB109Pt-En4KmalXvifhkucHKDq8ea0961X_NhkYwmSMbZX5AAlemb3Ko1l6lwtd1_S2TfDWJlQu1El6bIzRJLfUJRIYWgZVUU6izQpnU7Z0QC9a-MgeeNYHeyTUqQnmzQPSKkRy4xQiXfUinRoJwOYjhwWPzaV2pGWfMw16gWe443XUixhbE4I5O5c89z40-coDbioSlKlwkJbIFsUJu6QRzkIvFtZ_ymPBaBEWtJn6ZsHLCpFK34oQMjDYyTHp4vtlMMEvW_kAEcVkw6j9MAt80i850kOpy48ynOTaIcNNjW6lyoPbBt93A8_8GtgMudwowdy4vJc4wrRE8e0X5cN0olcDtpetVUaI31NT7aRKUxTdawBz9xH61zutm3xX1ayq9gd75WNSjDk5ZBEj2bWTC2VT1cWC01d-07bwRCIWslK_6Z40Ev1n99cxCkodbQddfTXqSR9ygdT_TGFamajsKt-OAaf24Y9EoKIDx1C3E7UZ7NFRApleuo9Z--Fxqmsy1pryOyq4ruc1uGPUgONgvBpO9Y2EvyV_f4i06msg8fvskuRrXRpSFiVaLod0xP9r1E-c_s_ltLDd7tp8NV5gnTdKZPF9n-1SuU7NgFadXufw1Va23cW7RYq77VnUHhovzDL4IbFRxWKc4Tkak_S0ysezYN6f3z0f46X26f8Kd6WCRiUyejjytJewZ4_XW4sIQ1Z77JwJKNIDd-ycnx3CCT_oMLX9Ojjl23pSqbBzDeGO3YGZTzneW29yBd0oKda2wiQqZcurksy0Xekhy_26a9Ma0IODRybMCDZM77OEqOX2DyIavoX6b3U65SfHfjT8YsL4iN7Q6brZXBytV4AhOc9agJV_wqyW7lawMcFLbbNDexzMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame D004 0
54 B 54ms
53ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ll6pse8z&c=26414409724089&e=31076923%2C31061691%2C31061692&ctx=1&met.9=1.kg~2.mn~9.0~3_1.n6~7_1.0~4_1.yo~5_1.z4~6_1.15v&met.10=1_1.CAAQABiAmHUgxQYoAQ&met.3=112.np_1~113.s2_2~416.13g~413.15j~415.15u&met.1=1.ll6psdla~14.0~15.0~16.0~17.0~18.0~19.1~20.1~21.1&qqid.1=CIeo4rXv1IADFcSSrAId9MUHQQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame BF7C 0
127 B 4ms
3ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 14:59:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C757 42 B
64 B 52ms
52ms Fetch
image/gif 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTI3iqsFJgW6YG7XWMQxezu1AwrKcLBcD-vTrF-wOwLnzomu56kx2v_QUYOK5QwaLDQeFDmAAj2lgxTrtTCjA2ouBeNoimFBRRa2E&sig=Cg0ArKJSzIOS5f8V7MswEAE&id=lidar2&mcvt=1000&p=116,632,396,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3298229207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691765987777&rpt=201&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 14:59:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
compass.adop.cc/	1970-01-20 13:56:38	Name: ADOP_P_U Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/	1970-01-20 16:05:41	Name: ADOP_CID Value: SG-230811145946-15b4de5f9d26473c
.mbantul.my.id/	1970-01-20 13:56:05	Name: lotame_domain_check Value: mbantul.my.id
.criteo.com/	1970-01-20 23:17:41	Name: uid Value: 5b88ce51-9a9c-47cf-8b02-01dd3656fc33
.crwdcntrl.net/	1970-01-20 20:24:50	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:24:50	Name: _cc_id Value: d7306991a9f4c0389ae5692b09c79875
.mbantul.my.id/	1970-01-20 20:24:53	Name: _cc_id Value: d7306991a9f4c0389ae5692b09c79875
.mbantul.my.id/	1970-01-20 14:06:10	Name: panoramaId_expiry Value: 1692370787405
.mbantul.my.id/	1970-01-20 14:06:10	Name: panoramaId Value: 50dbddf6026292e9c88e4fc07b9916d5393838bd32a9d6c86c3b6bc8895f014d
.mbantul.my.id/	1970-01-20 14:06:10	Name: panoramaIdType Value: panoIndiv
.mbantul.my.id/	1970-01-20 23:17:41	Name: cto_bundle Value: J_3VJV9yaW9FJTJGQ2Fxb0x6akp1NllxelFVb3lHU3A3UGs5TFJrb1JXY0dUJTJGR1pmTDRUb1MwckZmbE5YeEIlMkZ2VEpTMVNrQWNlRSUyRnlPa2k1RGJCM3ZUbTVYTUQxN1B4NWhwVlV1cWtKdDNDQmI3R0pXeTdzT3Vtalg5VmRtUWglMkY2bjFaMEsxTjElMkJWOGMxdlBzbU1wVlBlQWVkUVElM0QlM0Q
.openx.net/	1970-01-20 22:41:41	Name: i Value: 8da447ad-0a84-43f9-83b1-2be4fb2be29b\|1691765987
.mbantul.my.id/	1970-01-20 23:17:41	Name: __gads Value: ID=3ee5fec9c0ee0256:T=1691765987:RT=1691765987:S=ALNI_MaV7OM80U9rWwwz66BJE9B-nE383w
.mbantul.my.id/	1970-01-20 23:17:41	Name: __gpi Value: UID=00000c2af9c0140d:T=1691765987:RT=1691765987:S=ALNI_MbofLLUHxofj1HwYQBjE2NEj7vovA
.openx.net/	1970-01-20 14:17:41	Name: pd Value: v2\|1691765987\|jElYiuvOhI
.adsrvr.org/	1970-01-20 22:43:08	Name: TDID Value: 0a22999b-1252-47b9-93a3-5c9ce6b2eb7b
.doubleclick.net/	1970-01-20 23:32:05	Name: IDE Value: AHWqTUmCd06TwHvNf-BWLUz8ptZMDSMC_1qxj3hO1DF78oOXm91uLQre6DlQQAGIwCY
.adsrvr.org/	1970-01-20 22:43:08	Name: TDCPM Value: CAEYBSABKAIyCwj-p8XlyqGNPBAFOAE.
.openx.net/	1970-01-20 14:17:41	Name: univ_id Value: 537072971\|0a22999b-1252-47b9-93a3-5c9ce6b2eb7b\|1691765988012338
.ladsp.com/	1970-01-20 13:56:09	Name: cr Value: 1
.ladsp.com/	1970-01-20 23:32:05	Name: smn_uid Value: d3UnJIk11JIf123qhO24WA-yJfrIRTI
.ladsp.com/	1970-01-20 23:32:05	Name: lum Value: COa18aieMRIFCAMQ0AU
.socdm.com/	1970-01-20 23:32:05	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjkxNzY1OTg4fQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0692510338f2d979fbb95252e5f225c4.safeframe.googlesyndication.com
57e4fe3f96eae183f0535813db025a1a.safeframe.googlesyndication.com
ads.as.criteo.com
bcp.crwdcntrl.net
cat.sg1.as.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
compass.adop.cc
cr-p3.ladsp.com
csi.gstatic.com
csm.as.criteo.net
data.adop.cc
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
jp-u.openx.net
link.deimoney.com
match.adsrvr.org
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
124.146.215.43
13.224.249.124
13.224.249.76
13.224.249.77
15.197.193.217
162.19.138.83
172.217.194.156
182.161.73.132
182.161.73.136
2001:4860:4802:32::3
2404:6800:4003:c01::9c
2404:6800:4003:c02::5e
2404:6800:4003:c02::9d
2404:6800:4003:c03::84
2404:6800:4003:c04::5f
2404:6800:4003:c04::69
2404:6800:4003:c06::84
2404:6800:4003:c0f::9c
2404:6800:4003:c11::5e
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::9
2406:2600:7:100::f
2406:da12:fbe:4200:bc16:21c4:c20c:caf1
2600:9000:223b:f200:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:20::681a:6d
2a02:4780:3:c141::17
2a04:4e42:600::485
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
52.220.12.162
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
27e5cf95b8e43d8208d5e7853c6380ba1791383260ac1db64c40952f14effe93
292ceb6fc2d717b1e985ed84dac053f0b3cbb59c8cc11ece2f2d3ff3256c93e2
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318c34c8885f1ed615ba45b8de1c942ec9e31afa35529764ab28d66815c3fcaf
34a46ee71ff3fb9c16ea37cd9ac75f20b8d3a4c54afcc94e607322c53cc26e1c
3ad7e6ef7af6bbc3b0c46fbff557f61e514e72a3ae03596a4c42a04f7ca033ad
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d874d64c1f77a2cf9dc17a325ee07e77411faa03d3b7796d5fefc2e386f048c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5525174941143614b9d0afa89bcdf897197eb31ede6d320b326e1ecb7b1b3aea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
5f41347b3d09e028c793b27dff37c6106839e039cd9e0c4a20cbaa07daeefc70
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7b58087423e46b2f214e91c304ae0d41854a27d56a1702227f033fcef16e5c17
7fa7d777a46619674ed1127a215e4fd9602470172e2f4f38925bbd348ced1e74
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9093e7e9fd452b0e872e01c404ffdf2721f59fc1ec3da3a8ac083950499e38
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
ad1ce05c12fe035ca10b93e8db9cb2d4064d81d96c1d838d904a98899e90bb20
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b3664655d94593fff8060cebdad412a5ca386f67c7ab61db60a0dc385ff9009b
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
be02ce4a0bce594fd274376adff6dcae5cca7d913c51e1b9615f89b7ad0136de
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c53c5a4d720498bbea07932cc462185c707adb2193ca6f9213732adc96a4027f
c5d36bde5c88fa4187ecbcb56443426ddd97251e1026a7456a54180634a563f7
cadd428fe840895f57dbfbd27c821fb7e52596904c925fd7922743064a7f6da9
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
d2248fabf061c440fa50bd2386724bcb12a10c1260eb32f89b8bd30f3d4e25ec
d2636cca6fd2ffd484e21ad5d3e1b9fab2d89378e756e8945574f8ed0def8131
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e865006ba6a76d79b9eeb0886729b5f0a97005f943aa75859f6bf400e12ef8
e6ee9369b125c6e19411797a037a7d86423b868e818bb11228f0c34b5597a94e
e94d0eac610d8c99cd0abdb21aae42740710dc3e2f2ec11b9d3e07d4d025ad93
eb5b1d6c45addb5c6c67144219f2a687183b8a72649556ccfc03e25b83f56891
eb75db321d87f452b1faf9656c5b44adf47add2c1eb65cdefb9f778cde5aa02f
ecc8d5005896fbdc5671b7733527690cf89616fd0f0b96f61b8f47abd29a8fe9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45
f128df111bf5ac205089665a278fa7bd2db5009c33af58d3d5514f7b9d0a4dd6
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
fcaccc2480a08f03bdb012a64e5149acb0ecb817e9b5e4c9ea728f8b9c0bb71f

mbantul.my.id Open in urlscan Pro 2606:4700:20::681a:6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

95 %HTTPS

60 %IPv6

21 Domains

38 Subdomains

32 IPs

5 Countries

2684 kBTransfer

5443 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

95 %
HTTPS

60 %
IPv6

21
Domains

38
Subdomains

32
IPs

5
Countries

2684 kB
Transfer

5443 kB
Size

23
Cookies

134 HTTP transactions
4 data transactions