ntt.inews.id Open in urlscan Pro
2600:9000:214f:4a00:1:b1a4:2f40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://inewsntt.id/
Effective URL:
https://ntt.inews.id/?utm_source=inewsntt
Submission: On October 28 via api (October 28th 2022, 7:41:43 pm UTC) from US — Scanned from NL

Summary HTTP 344 Redirects Links 204 Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 45 domains to perform 344 HTTP transactions. The main IP is 2600:9000:214f:4a00:1:b1a4:2f40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ntt.inews.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.

This is the only time ntt.inews.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:214... 2600:9000:214f:4a00:1:b1a4:2f40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
30	2600:9000:214... 2600:9000:214f:a00:c:4bf0:5680:93a1	16509 (AMAZON-02) (AMAZON-02)
43	2600:9000:205... 2600:9000:2057:d200:c:5e3e:d280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f24... 2a03:2880:f245:e0:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1 5	99.86.4.2 99.86.4.2	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	216.139.248.131 216.139.248.131	32400 (HWSERVICE...) (HWSERVICES-32400)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
13	2600:9000:211... 2600:9000:211e:2800:f:e29d:1c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.185.181.185 64.185.181.185	40009 (BITGRAVITY) (BITGRAVITY)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:4400:9:965a:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	63.32.244.82 63.32.244.82	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
14	2600:9000:206... 2600:9000:206f:600:11:320f:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:a400:15:c3e:78c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:a400:e:c3de:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:e00:1c:7874:a680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:7800:1f:824e:58c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:5400:1f:4c6b:cc00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:b80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	202.147.193.153 202.147.193.153	17670 (MNCKABELM...) (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom)
1	79.133.177.230 79.133.177.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	79.133.177.231 79.133.177.231	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	13.32.27.65 13.32.27.65	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.123 99.86.4.123	16509 (AMAZON-02) (AMAZON-02)
3	35.85.87.192 35.85.87.192	16509 (AMAZON-02) (AMAZON-02)
6	79.133.177.229 79.133.177.229	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
344	67

2 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

inewsntt.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
radiox.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:4a00:1:b1a4:2f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ntt.inews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:214f:a00:c:4bf0:5680:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.inews.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2600:9000:2057:d200:c:5e3e:d280:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.inews.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f245:e0:face:b00c:0:4420 (Amsterdam, Netherlands) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.4.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.139.248.131 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-131.aus.us.siteprotect.com

hbs.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:211e:2800:f:e29d:1c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sindikasi.inews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.185.181.185 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b-d.bitgravity.com

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:4400:9:965a:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

sindikasi.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.249 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.244.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:206f:600:11:320f:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d64 (United States)

ASN13335 (CLOUDFLARENET, US)

img.celebrities.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a400:15:c3e:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.idxchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a400:e:c3de:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mnctrijaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e00:1c:7874:a680:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.buddyku.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7800:1f:824e:58c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5400:1f:4c6b:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)

pict.sindonews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b80 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sportstars.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 202.147.193.153 (Jakarta, Indonesia)

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-153.mncplaymedia.com

www.visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cluster-images.visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.230 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 79.133.177.231 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.rctiplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
radiox.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-123.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.85.87.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-87-192.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 79.133.177.229 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.mncnow.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	inews.co.id static.inews.co.id — Cisco Umbrella Rank: 434494 img.inews.co.id — Cisco Umbrella Rank: 126613	958 KB
51	googlesyndication.com 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135 5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com	312 KB
30	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 295	389 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 658 csm.eu.criteo.net — Cisco Umbrella Rank: 8826 pix.eu.criteo.net — Cisco Umbrella Rank: 8729	359 KB
18	okezone.com sindikasi.okezone.com — Cisco Umbrella Rank: 157871 cdn.okezone.com — Cisco Umbrella Rank: 152333 img.okezone.com — Cisco Umbrella Rank: 113046	466 KB
17	inews.id ntt.inews.id sindikasi.inews.id — Cisco Umbrella Rank: 549902	72 KB
13	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2835	124 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 408 mug.criteo.com — Cisco Umbrella Rank: 3300 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 16655 ads.eu.criteo.com — Cisco Umbrella Rank: 8689 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10726	72 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	467 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	382 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516	6 KB
7	rctiplus.id static.rctiplus.id — Cisco Umbrella Rank: 163210	115 KB
7	visionplus.id www.visionplus.id — Cisco Umbrella Rank: 166871 cluster-images.visionplus.id — Cisco Umbrella Rank: 205443	88 KB
6	mncnow.id static.mncnow.id — Cisco Umbrella Rank: 183958	228 KB
6	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 11001 certify.alexametrics.com — Cisco Umbrella Rank: 6007	8 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	262 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 150	5 KB
4	rctiplus.com www.rctiplus.com — Cisco Umbrella Rank: 144558 analytics.rctiplus.com — Cisco Umbrella Rank: 205233 radiox.rctiplus.com	9 KB
4	google.nl adservice.google.nl — Cisco Umbrella Rank: 15036 www.google.nl — Cisco Umbrella Rank: 9384	1 KB
3	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	142 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 759 syndication.twitter.com — Cisco Umbrella Rank: 1109	133 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 763	40 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1396	125 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 293	32 KB
2	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 42324	121 KB
2	affinity.com hbs.ph.affinity.com — Cisco Umbrella Rank: 45601	20 KB
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 1239	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 967	6 KB
1	sportstars.id img.sportstars.id — Cisco Umbrella Rank: 182733	104 KB
1	sindonews.net pict.sindonews.net — Cisco Umbrella Rank: 36604	22 KB
1	buddyku.id i.buddyku.id — Cisco Umbrella Rank: 255837	42 KB
1	mnctrijaya.com www.mnctrijaya.com — Cisco Umbrella Rank: 244441	105 KB
1	idxchannel.com img.idxchannel.com — Cisco Umbrella Rank: 176272	11 KB
1	celebrities.id img.celebrities.id — Cisco Umbrella Rank: 181671	17 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	388 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1463	335 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 484	622 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 387	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	5 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463	97 KB
1	inewsntt.id 1 redirects inewsntt.id	716 B
0	rlcdn.com Failed api.rlcdn.com Failed
344	45

	Domain	Requested by
43	img.inews.co.id	ntt.inews.id static.inews.co.id
30	static.inews.co.id	ntt.inews.id static.inews.co.id
23	tpc.googlesyndication.com	948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
22	pagead2.googlesyndication.com	948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
14	cdn.okezone.com	sindikasi.okezone.com cdn.okezone.com
13	sindikasi.inews.id	static.inews.co.id
12	static.criteo.net	ads.eu.criteo.com
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	pix.eu.criteo.net	ads.eu.criteo.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ntt.inews.id www.visionplus.id
9	www.google.com	ntt.inews.id 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
9	www.googletagmanager.com	ntt.inews.id www.googletagmanager.com www.rctiplus.com www.visionplus.id radiox.rctiplus.com
8	s0.2mdn.net	ntt.inews.id s0.2mdn.net 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	static.rctiplus.id	www.rctiplus.com
6	static.mncnow.id	www.visionplus.id
6	www.visionplus.id	static.inews.co.id www.visionplus.id
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	ntt.inews.id 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects ntt.inews.id www.visionplus.id
4	googleads4.g.doubleclick.net	ntt.inews.id
4	csm.eu.criteo.net	ads.eu.criteo.com
4	googleads.g.doubleclick.net	948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com ntt.inews.id
4	stats.g.doubleclick.net	www.google-analytics.com
4	ntt.inews.id	static.inews.co.id
3	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.rctiplus.com certify-js.alexametrics.com radiox.rctiplus.com
3	certify.alexametrics.com	www.rctiplus.com www.visionplus.id radiox.rctiplus.com
3	certify-js.alexametrics.com	ntt.inews.id www.visionplus.id
3	sindikasi.okezone.com	static.inews.co.id
2	radiox.rctiplus.com	ntt.inews.id static.cloudflareinsights.com
2	unpkg.com	1 redirects sindikasi.okezone.com
2	code.createjs.com	s0.2mdn.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
2	rtb.fr.eu.criteo.com	ntt.inews.id
2	www.google.nl	ntt.inews.id
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	cdn4-hbs.affinitymatrix.com	hbs.ph.affinity.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	hbs.ph.affinity.com	ntt.inews.id cdn4-hbs.affinitymatrix.com
2	www.instagram.com	1 redirects ntt.inews.id
2	platform.twitter.com	ntt.inews.id platform.twitter.com
1	static.cloudflareinsights.com	radiox.rctiplus.com
1	5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cluster-images.visionplus.id	www.visionplus.id
1	ajax.googleapis.com	www.visionplus.id
1	analytics.rctiplus.com	www.rctiplus.com
1	www.rctiplus.com	static.inews.co.id
1	img.sportstars.id	sindikasi.okezone.com
1	pict.sindonews.net	sindikasi.okezone.com
1	img.okezone.com	sindikasi.okezone.com
1	i.buddyku.id	sindikasi.okezone.com
1	www.mnctrijaya.com	sindikasi.okezone.com
1	img.idxchannel.com	sindikasi.okezone.com
1	img.celebrities.id	sindikasi.okezone.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	cdn.jsdelivr.net	cdn4-hbs.affinitymatrix.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ads.pubmatic.com	ntt.inews.id
1	syndication.twitter.com	platform.twitter.com
1	inewsntt.id	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
344	71

This site contains links to these domains. Also see Links.

Domain
www.inews.id
aceh.inews.id
sumut.inews.id
sumsel.inews.id
jabar.inews.id
jateng.inews.id
yogya.inews.id
jatim.inews.id
bali.inews.id
kalbar.inews.id
sulsel.inews.id
babel.inews.id
regional.inews.id
lampung.inews.id
maluku.inews.id
papua.inews.id
sumbar.inews.id
ntb.inews.id
sulut.inews.id
kalteng.inews.id
kalsel.inews.id
kaltim.inews.id
tv.inews.id
www.okezone.com
www.idxchannel.com
www.celebrities.id
www.buddyku.com
www.sindonews.com
www.sportstars.id
koran-sindo.com
www.rctiplus.com
motionpay.id
aladinmall.misteraladin.com
www.roov.id
emshop.id
www.visionplus.id
www.mnc-insurance.com
www.motiontrade.id
motionbanking.id
www.misteraladin.com
acehutara.inews.id
asahanraya.inews.id
batam.inews.id
bengkuluutara.inews.id
deliraya.inews.id
dumai.inews.id
jambi.inews.id
kutaraja.inews.id
lamsel.inews.id
lintasbabel.inews.id
lhokseumawe.inews.id
madina.inews.id
medan.inews.id
palembang.inews.id
pekanbaru.inews.id
portalaceh.inews.id
pringsewu.inews.id
riau.inews.id
siantar.inews.id
waykanan.inews.id
badung.inews.id
bandungraya.inews.id
banten.inews.id
batu.inews.id
bekasi.inews.id
blitar.inews.id
bogor.inews.id
bojonegoro.inews.id
bondowoso.inews.id
boyolali.inews.id
brebes.inews.id
ciamisraya.inews.id
cianjur.inews.id
cilacap.inews.id
cilegon.inews.id
cirebon.inews.id
demak.inews.id
depok.inews.id
garut.inews.id
gresik.inews.id
indramayu.inews.id
jatenginfo.inews.id
jember.inews.id
joglosemar.inews.id
karanganyar.inews.id
karawang.inews.id
kediri.inews.id
kuningan.inews.id
lamongan.inews.id
madiun.inews.id
malang.inews.id
mojokerto.inews.id
muria.inews.id
ngawi.inews.id
pandeglang.inews.id
pangandaran.inews.id
pantura.inews.id
pasuruan.inews.id
pemalang.inews.id
ponorogo.inews.id
probolinggo.inews.id
purwakarta.inews.id
purwokerto.inews.id
salatiga.inews.id
semarang.inews.id
serpong.inews.id
sidoarjo.inews.id
soloraya.inews.id
sragen.inews.id
subang.inews.id
sukabumi.inews.id
surabaya.inews.id
tangsel.inews.id
tasikmalaya.inews.id
tegal.inews.id
temanggung.inews.id
tuban.inews.id
tulungagung.inews.id
baritoinfo.inews.id
balikpapan.inews.id
kobar.inews.id
kutai.inews.id
samarinda.inews.id
celebes.inews.id
kendari.inews.id
lutra.inews.id
manado.inews.id
palopo.inews.id
palu.inews.id
parepare.inews.id
polman.inews.id
toraja.inews.id
sorongraya.inews.id
alor.inews.id
belu.inews.id
bima.inews.id
flores.inews.id
lombok.inews.id
mataram.inews.id
sumba.inews.id
ternate.inews.id
ttu.inews.id
kemkes.go.id
www.jobsmnc.co.id
www.mncgroup.com
www.mncpeduli.org
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
*.inews.id Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2022-12-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.inews.co.id Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2022-04-08` - `2023-05-10`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.okezone.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-30` - `2023-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.celebrities.id Sectigo RSA Domain Validation Secure Server CA	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.idxchannel.com AlphaSSL CA - SHA256 - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
mnctrijaya.com Amazon	`2022-10-11` - `2023-11-10`	a year	crt.sh
*.buddyku.id Sectigo RSA Domain Validation Secure Server CA	`2022-08-22` - `2023-09-02`	a year	crt.sh
*.sindonews.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-27` - `2023-03-30`	a year	crt.sh
*.sportstars.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-28` - `2023-04-28`	a year	crt.sh
*.visionplus.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-30` - `2022-11-29`	a year	crt.sh
*.rctiplus.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-24` - `2023-08-24`	a year	crt.sh
*.rctiplus.id RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-29` - `2023-08-29`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2022-05-30` - `2023-06-27`	a year	crt.sh
certify.alexametrics.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-13` - `2023-10-12`	a year	crt.sh
*.mncnow.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-19` - `2022-11-18`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://ntt.inews.id/?utm_source=inewsntt
Frame ID: 72F8D25C859FFB7AD26469FB6E88AB38
Requests: 129 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Frame ID: 4B33AC1A2FE7716E0AA263F9F5C75FA3
Requests: 2 HTTP requests in this frame

Frame: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3967C8F7F1602186F472986E048BA61D
Requests: 1 HTTP requests in this frame

Frame: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0017CB33F09E8A465EB96D3AD7FF2F28
Requests: 10 HTTP requests in this frame

Frame: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F988B78AB3AEF06AB0E8F4FF0DC69D4B
Requests: 10 HTTP requests in this frame

Frame: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E82BC79419A2A72EE15F4F6AE84FC8F
Requests: 15 HTTP requests in this frame

Frame: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB63A91A4F7360DFAD0803F04CEAFDC8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNUS95kojb41EbV7HVWm2qDDUZPVppb4m57etSJRwRYwhJ9NHtHfvRrqFDzUEQFzN87irYkRvTi9IJUkGGGblhM6jLdUzm_1L_MqEgJVqFRliufkxSLpi-XV4b6l91-RJno82RuPAjv5Fub2c4Lh2KRSuIk0VxmaBg6QZ_Rr0ZsCSeqvWTw
Frame ID: 84AF5051C4A93868969CE0B610A33BCB
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4YEpGocAAibb6kJjXd8tVEwHPWpIQ&u=%7CKtJnaTr726srVDjJCnRxLuqnLoky%2FIPE5gDEtO8hVkk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2SzSLlBB7lsytc1YurNbrpdJp3ws0ThrWozfRpw92iCj4Yd9XKPyQeMjtoUArMiBW2Z8lwEqI8CplMXlKtBK09669YbR6wBFD0KQhsuOXFz2NwBYFyECB9SilVXHfygETUVLbiEb_LmPbScpk7gEYid3fL82DjvRdiVb-ETZvMKLQlj4LfZavLVFV5KL5liNuYBnH-PZJTi3tQ8R-j5oqzN4eu4_VJr-nTyPG2z7KdL-55F_eAQKmc5YAoH_nUEVV4olJqbHcCoo8fPrUKCc-7Nv4EgGl8_t3oU_-M71Ay-UFNP6BF-uluCrralsHWy7yLDvmJLTPioZ3TytzIozZC0dwMNqrZ0dpvdPWQqtaCj1mjQr3SmQ8ib4n_mRvhz1uGMYiEf5QrUqC3JfpPgcYBn4x_hG03o15atdRPcdO6-9OS8w3e1ku9O9Tl_BvfeX_IATbhPOVZRLUstw6Ch95TwSxb2_fSAV9uJY-saB09W8FQjBdL6INSXU4g7Hlpxxy66TUNPl7AJ7FrCp5ln5mK0jt124PG40_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM4owbzBcY4a_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgThAU_QyQjFeUeskVxDuvzJKhAAtmLGbnwk1aqa1ZouG1bFdX09nIqXr-x_vCO5XUxY-aYKWlX1zra4qiBt_bC1wEk5EHp8VcNr08HC5iMIyO37USpLylasVMK_dxQkpR4a1-rKs1vXcmYhb_0dZkh1pKuANMagIzUc0jHbGv4bUbz93uqCJTYxkG4_7yHBtwP6M0p8BTw_iSWLsx1kjG0V85Jac__PH-PMKemszeYydQ_PBb_Fn4e0KlJNuJrwSV5xZ_WSn-KMAJoiR_u2nP8tdX6UczTpGgHO7DK0Iu44EI0SUeAEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sZF8U3lNqYFc1Bkmu3oik8Pxc2A%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: CECFB79DADE0F5D52AFF36E61B6AA3BF
Requests: 25 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4UEpGocAAibb3t1Rd7667nrC4YmHw&u=%7CKtJnaTr726vgWOKjIMcHQH4F%2Bhxx2aszIjDOP85D%2Fkg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmcCv0AOFezvAr6tW1v5O9KJ8Az8v0Mw07aR9f3-gqfU-mO6Kn09kHndez44dea1wqf0GLQsNfOv1U0f52Mkl-qKsfFTc5Yomn-mzwJMXRrMutluuqUcGsn__2WE74h1Ye6Gg2w0xbqYSN4fIFjb97LBMPEiXJxZzQeZuRFgABH6jfqJkEfZcJ7KwMvIzy5VoHnAUQa62HMSeesbwc2PfzL7OO6-nEu2Qc91VMm1b8Hb0ItCsXs7_F-g9DCY_Eawc0ZG_Fz1IT0TSg9YeFP0u7yHsAuV8Eg4b_QwDVbLMH2hJsAm2--7T90Z4zwexr31t_7Lt3_0Z0Plx2hEacz1yE_wpe-JUWWm2NtPBgRA-s64X2oRm_aCzNl-8BD3TrmzbUONAOjfYRBfKrg8h5JQ4wvo48W_PexBgf8ywlI5wdjoHNbAqpv-huLj3ukL-tURcICSP4fYvaiqxfWIg7jN1lZUrBgSLYW62G8JNnmwB6q1DornhtcVUVgddYzSCxDmuggdMVLZaTwGGppTk8Mgl7PbWvbtACL714M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV6kPbzBcY4W_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgTeAU_QalW4IGb5R7R1rL6C1d_fAbeq6PM948hreiV1GqwS04-FSUGazRNd-aT1mLFQqpEygjCMinmOgRvBjsw2UprD4f1lwkTibWueXk8G_uahbBs17XqGw8-hQ5cuFYw7h3u-bbcbQWU9ByG-qKI16cTtg5jgsTUCXM69rj-nbxci72tnihO2KzKqRCNqTWHgUUJqQJ1stQY-vhZhFW9KF8RAMKqKMmpr6cxQaexd6T-pbMhB76ewe1vMMNxAyaFZDkm1MpT4EqjLovxyFN4r38HDixlnPTkAwAPyckdjYeAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TLS46dJYRG2ebQH7YLXPtFCWDSQ%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: FEDC1F0CC09747524CD738D45D0F499E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWRsreNSVyx94lboTpKiwPjPyGkWA9XmNVD3-SHczw6R0DEwC4tksohkUJiF8-KxQJyOJn-WA_JTQc5s47NS5wt4BNk3_k_byLSXce3b7oXQ4GEx_QOM-qpzHs92ZFju7KS02kE6MI371tbF5NlXWIzI59Vpg2jEdX_bufFJXJ_yCVElcM
Frame ID: 48143F15CE3DD21EBA01D55CA3246FD3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html
Frame ID: 96831826D3E177C6FD63C0D12D7E29CE
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html
Frame ID: DB61228C08C4BB939B423B4148EAD6FF
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0456428E712C54231B4E8E5476FD3B4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0A44A4FB597590F2CD6A61E95F3DD97
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3493519AC54A2D8BB585F2824063160C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37E03220938EAC861F5A430B66B6BF5D
Requests: 2 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Frame ID: E690D0D790C7719DB57D7ED0AC922839
Requests: 23 HTTP requests in this frame

Frame: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Frame ID: 2E698E70CD6F6077183EFD77A5BD5095
Requests: 40 HTTP requests in this frame

Frame: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215
Frame ID: AAA60B4B1F7419517CCC7A03FF184A8D
Requests: 15 HTTP requests in this frame

Frame: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
Frame ID: 3C32DD83BBC6DC6B8565868955CCEC44
Requests: 9 HTTP requests in this frame

Frame: https://5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1D82B524FA5BADA298A3DEABC0C4B1B7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzR260CRy5YNT3BY9a6fUGlsydPhkfuQzZmT0Sn8aT-dHdWyWwozl81g3bC-Y69JvvM0we0Jg3Kno14kYlbsaEyKYZvWjn_TSE6UCvluQTcohA57qSXSj7ck1AkmA0SZcNt-zqmdNpVj6CDsisG4g4ITHOKknLeO_SupksY7jhNDP9q9_y-0i73w3AVAtycKvK0yCHiWSD8T2gFnRYrxKYQ7DFkUpM9UcMn3kYF6GOEgmJuCfbv-xdc6wm9esIF6J5NmJSJrUNxPHeq9uvE2koSgMRSSTUh49jwoCN21ubiYTdUXqT8_Uiy-qjZCSjZOvkvATZBPEjq-SkaGD5NA&sai=AMfl-YRdBs99oCpC0qU0LF92s7qatGHy-SKm2yFiJQ9Ds87nVT5RPB_Piihf3J8rM0nLZ1wsyAQeEX3Mxi7t2iKPCOiO3yy0tBeRCFdpgIcn&sig=Cg0ArKJSzGqYT_5sFNSTEAE&uach_m=[UACH]&adurl=
Frame ID: 8D9C09674FCD363820D432A8B43A27EA
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2361CE2318E936C057FD04F374049E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 640C789A7D67627AB69EE177E43000AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berita NTT Terbaru Terkini - iNews Portal

Page URL History Show full URLs

http://inewsntt.id/ HTTP 301
https://ntt.inews.id/?utm_source=inewsntt Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

344
Requests

96 %
HTTPS

68 %
IPv6

45
Domains

71
Subdomains

67
IPs

10
Countries

5237 kB
Transfer

10466 kB
Size

35
Cookies

204 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inews.id/

Search URL Search Domain Scan URL

URL: https://aceh.inews.id/
Title: Aceh

Search URL Search Domain Scan URL

URL: https://sumut.inews.id/
Title: Sumut

Search URL Search Domain Scan URL

URL: https://sumsel.inews.id/
Title: Sumsel

Search URL Search Domain Scan URL

URL: https://jabar.inews.id/
Title: Jabar

Search URL Search Domain Scan URL

URL: https://jateng.inews.id/
Title: Jateng

Search URL Search Domain Scan URL

URL: https://yogya.inews.id/
Title: Yogya

Search URL Search Domain Scan URL

URL: https://jatim.inews.id/
Title: Jatim

Search URL Search Domain Scan URL

URL: https://bali.inews.id/
Title: Bali

Search URL Search Domain Scan URL

URL: https://kalbar.inews.id/
Title: Kalbar

Search URL Search Domain Scan URL

URL: https://sulsel.inews.id/
Title: Sulsel

Search URL Search Domain Scan URL

URL: https://babel.inews.id/
Title: Babel

Search URL Search Domain Scan URL

URL: https://regional.inews.id/
Title: Lainnya

Search URL Search Domain Scan URL

URL: https://lampung.inews.id/
Title: Lampung

Search URL Search Domain Scan URL

URL: https://maluku.inews.id/
Title: Maluku

Search URL Search Domain Scan URL

URL: https://papua.inews.id/
Title: Papua

Search URL Search Domain Scan URL

URL: https://sumbar.inews.id/
Title: Sumbar

Search URL Search Domain Scan URL

URL: https://ntb.inews.id/
Title: NTB

Search URL Search Domain Scan URL

URL: https://sulut.inews.id/
Title: Sulut

Search URL Search Domain Scan URL

URL: https://kalteng.inews.id/
Title: Kalteng

Search URL Search Domain Scan URL

URL: https://kalsel.inews.id/
Title: Kalsel

Search URL Search Domain Scan URL

URL: https://kaltim.inews.id/
Title: Kaltim

Search URL Search Domain Scan URL

URL: https://www.inews.id/indeks
Title: Indeks

Search URL Search Domain Scan URL

URL: https://tv.inews.id/

Search URL Search Domain Scan URL

URL: https://www.inews.id/sport
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.inews.id/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.inews.id/techno
Title: Techno

Search URL Search Domain Scan URL

URL: https://www.inews.id/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance
Title: Finance

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.inews.id/otomotif
Title: Otomotif

Search URL Search Domain Scan URL

URL: https://www.inews.id/multimedia
Title: Multimedia

Search URL Search Domain Scan URL

URL: https://www.okezone.com/
Title: Okezone

Search URL Search Domain Scan URL

URL: https://www.idxchannel.com/
Title: IDX Channel

Search URL Search Domain Scan URL

URL: https://www.celebrities.id/
Title: Celebrities.id

Search URL Search Domain Scan URL

URL: https://www.buddyku.com/
Title: BuddyKu

Search URL Search Domain Scan URL

URL: https://www.sindonews.com/
Title: SINDOnews

Search URL Search Domain Scan URL

URL: https://www.sportstars.id/
Title: Sportstars.id

Search URL Search Domain Scan URL

URL: https://koran-sindo.com/
Title: Koran SINDO

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming
Title: iNews TV

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/gtv
Title: GTV

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/rcti
Title: RCTI

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/mnctv
Title: MNC TV

Search URL Search Domain Scan URL

URL: https://www.rctiplus.com/
Title: RCTI+

Search URL Search Domain Scan URL

URL: https://motionpay.id/
Title: MotionPay

Search URL Search Domain Scan URL

URL: https://aladinmall.misteraladin.com/
Title: AladinMall

Search URL Search Domain Scan URL

URL: https://www.roov.id/
Title: ROOV

Search URL Search Domain Scan URL

URL: https://emshop.id/
Title: eMSHOP

Search URL Search Domain Scan URL

URL: https://www.visionplus.id/
Title: Vision+

Search URL Search Domain Scan URL

URL: https://www.mnc-insurance.com/
Title: Motion Insure

Search URL Search Domain Scan URL

URL: https://www.motiontrade.id/
Title: Motion Trade

Search URL Search Domain Scan URL

URL: https://motionbanking.id/
Title: Motion Banking

Search URL Search Domain Scan URL

URL: https://www.misteraladin.com/
Title: Mister Aladin

Search URL Search Domain Scan URL

URL: https://www.inews.id/submission
Title: Klik Lebih Lanjut

Search URL Search Domain Scan URL

URL: https://acehutara.inews.id/
Title: Aceh Utara

Search URL Search Domain Scan URL

URL: https://asahanraya.inews.id/
Title: Asahan Raya

Search URL Search Domain Scan URL

URL: https://batam.inews.id/
Title: Batam

Search URL Search Domain Scan URL

URL: https://bengkuluutara.inews.id/
Title: Bengkulu Utara

Search URL Search Domain Scan URL

URL: https://deliraya.inews.id/
Title: Deli Raya

Search URL Search Domain Scan URL

URL: https://dumai.inews.id/
Title: Dumai

Search URL Search Domain Scan URL

URL: https://jambi.inews.id/
Title: Jambi

Search URL Search Domain Scan URL

URL: https://kutaraja.inews.id/
Title: Kutaraja

Search URL Search Domain Scan URL

URL: https://lamsel.inews.id/
Title: Lamsel

Search URL Search Domain Scan URL

URL: https://lintasbabel.inews.id/
Title: Lintasbabel

Search URL Search Domain Scan URL

URL: https://lhokseumawe.inews.id/
Title: Lhokseumawe

Search URL Search Domain Scan URL

URL: https://madina.inews.id/
Title: Madina

Search URL Search Domain Scan URL

URL: https://medan.inews.id/
Title: Medan

Search URL Search Domain Scan URL

URL: https://palembang.inews.id/
Title: Palembang

Search URL Search Domain Scan URL

URL: https://pekanbaru.inews.id/
Title: Pekanbaru

Search URL Search Domain Scan URL

URL: https://portalaceh.inews.id/
Title: Portal Aceh

Search URL Search Domain Scan URL

URL: https://pringsewu.inews.id/
Title: Pringsewu

Search URL Search Domain Scan URL

URL: https://riau.inews.id/
Title: Riau

Search URL Search Domain Scan URL

URL: https://siantar.inews.id/
Title: Siantar

Search URL Search Domain Scan URL

URL: https://waykanan.inews.id/
Title: Way Kanan

Search URL Search Domain Scan URL

URL: https://badung.inews.id/
Title: Badung

Search URL Search Domain Scan URL

URL: https://bandungraya.inews.id/
Title: Bandung Raya

Search URL Search Domain Scan URL

URL: https://banten.inews.id/
Title: Banten

Search URL Search Domain Scan URL

URL: https://batu.inews.id/
Title: Batu

Search URL Search Domain Scan URL

URL: https://bekasi.inews.id/
Title: Bekasi

Search URL Search Domain Scan URL

URL: https://blitar.inews.id/
Title: Blitar

Search URL Search Domain Scan URL

URL: https://bogor.inews.id/
Title: Bogor

Search URL Search Domain Scan URL

URL: https://bojonegoro.inews.id/
Title: Bojonegoro

Search URL Search Domain Scan URL

URL: https://bondowoso.inews.id/
Title: Bondowoso

Search URL Search Domain Scan URL

URL: https://boyolali.inews.id/
Title: Boyolali

Search URL Search Domain Scan URL

URL: https://brebes.inews.id/
Title: Brebes

Search URL Search Domain Scan URL

URL: https://ciamisraya.inews.id/
Title: Ciamis Raya

Search URL Search Domain Scan URL

URL: https://cianjur.inews.id/
Title: Cianjur

Search URL Search Domain Scan URL

URL: https://cilacap.inews.id/
Title: Cilacap

Search URL Search Domain Scan URL

URL: https://cilegon.inews.id/
Title: Cilegon

Search URL Search Domain Scan URL

URL: https://cirebon.inews.id/
Title: Cirebon

Search URL Search Domain Scan URL

URL: https://demak.inews.id/
Title: Demak

Search URL Search Domain Scan URL

URL: https://depok.inews.id/
Title: Depok

Search URL Search Domain Scan URL

URL: https://garut.inews.id/
Title: Garut

Search URL Search Domain Scan URL

URL: https://gresik.inews.id/
Title: Gresik

Search URL Search Domain Scan URL

URL: https://indramayu.inews.id/
Title: Indramayu

Search URL Search Domain Scan URL

URL: https://jatenginfo.inews.id/
Title: Jateng Info

Search URL Search Domain Scan URL

URL: https://jember.inews.id/
Title: Jember

Search URL Search Domain Scan URL

URL: https://joglosemar.inews.id/
Title: Joglo Semar

Search URL Search Domain Scan URL

URL: https://karanganyar.inews.id/
Title: Karanganyar

Search URL Search Domain Scan URL

URL: https://karawang.inews.id/
Title: Karawang

Search URL Search Domain Scan URL

URL: https://kediri.inews.id/
Title: Kediri

Search URL Search Domain Scan URL

URL: https://kuningan.inews.id/
Title: Kuningan

Search URL Search Domain Scan URL

URL: https://lamongan.inews.id/
Title: Lamongan

Search URL Search Domain Scan URL

URL: https://madiun.inews.id/
Title: Madiun

Search URL Search Domain Scan URL

URL: https://malang.inews.id/
Title: Malang

Search URL Search Domain Scan URL

URL: https://mojokerto.inews.id/
Title: Mojokerto

Search URL Search Domain Scan URL

URL: https://muria.inews.id/
Title: Muria

Search URL Search Domain Scan URL

URL: https://ngawi.inews.id/
Title: Ngawi

Search URL Search Domain Scan URL

URL: https://pandeglang.inews.id/
Title: Pandeglang

Search URL Search Domain Scan URL

URL: https://pangandaran.inews.id/
Title: Pangandaran

Search URL Search Domain Scan URL

URL: https://pantura.inews.id/
Title: Pantura

Search URL Search Domain Scan URL

URL: https://pasuruan.inews.id/
Title: Pasuruan

Search URL Search Domain Scan URL

URL: https://pemalang.inews.id/
Title: Pemalang

Search URL Search Domain Scan URL

URL: https://ponorogo.inews.id/
Title: Ponorogo

Search URL Search Domain Scan URL

URL: https://probolinggo.inews.id/
Title: Probolinggo

Search URL Search Domain Scan URL

URL: https://purwakarta.inews.id/
Title: Purwakarta

Search URL Search Domain Scan URL

URL: https://purwokerto.inews.id/
Title: Purwokerto

Search URL Search Domain Scan URL

URL: https://salatiga.inews.id/
Title: Salatiga

Search URL Search Domain Scan URL

URL: https://semarang.inews.id/
Title: Semarang

Search URL Search Domain Scan URL

URL: https://serpong.inews.id/
Title: Serpong

Search URL Search Domain Scan URL

URL: https://sidoarjo.inews.id/
Title: Sidoarjo

Search URL Search Domain Scan URL

URL: https://soloraya.inews.id/
Title: SoloRaya

Search URL Search Domain Scan URL

URL: https://sragen.inews.id/
Title: Sragen

Search URL Search Domain Scan URL

URL: https://subang.inews.id/
Title: Subang

Search URL Search Domain Scan URL

URL: https://sukabumi.inews.id/
Title: Sukabumi

Search URL Search Domain Scan URL

URL: https://surabaya.inews.id/
Title: Surabaya

Search URL Search Domain Scan URL

URL: https://tangsel.inews.id/
Title: Tangsel

Search URL Search Domain Scan URL

URL: https://tasikmalaya.inews.id/
Title: Tasikmalaya

Search URL Search Domain Scan URL

URL: https://tegal.inews.id/
Title: Tegal

Search URL Search Domain Scan URL

URL: https://temanggung.inews.id/
Title: Temanggung

Search URL Search Domain Scan URL

URL: https://tuban.inews.id/
Title: Tuban

Search URL Search Domain Scan URL

URL: https://tulungagung.inews.id/
Title: Tulungagung

Search URL Search Domain Scan URL

URL: https://baritoinfo.inews.id/
Title: Barito Info

Search URL Search Domain Scan URL

URL: https://balikpapan.inews.id/
Title: Balikpapan

Search URL Search Domain Scan URL

URL: https://kobar.inews.id/
Title: Kobar

Search URL Search Domain Scan URL

URL: https://kutai.inews.id/
Title: Kutai

Search URL Search Domain Scan URL

URL: https://samarinda.inews.id/
Title: Samarinda

Search URL Search Domain Scan URL

URL: https://celebes.inews.id/
Title: Celebes

Search URL Search Domain Scan URL

URL: https://kendari.inews.id/
Title: Kendari

Search URL Search Domain Scan URL

URL: https://lutra.inews.id/
Title: Lutra

Search URL Search Domain Scan URL

URL: https://manado.inews.id/
Title: Manado

Search URL Search Domain Scan URL

URL: https://palopo.inews.id/
Title: Palopo

Search URL Search Domain Scan URL

URL: https://palu.inews.id/
Title: Palu

Search URL Search Domain Scan URL

URL: https://parepare.inews.id/
Title: Parepare

Search URL Search Domain Scan URL

URL: https://polman.inews.id/
Title: Polman

Search URL Search Domain Scan URL

URL: https://toraja.inews.id/
Title: Toraja

Search URL Search Domain Scan URL

URL: https://sorongraya.inews.id/
Title: Sorong Raya

Search URL Search Domain Scan URL

URL: https://alor.inews.id/
Title: Alor

Search URL Search Domain Scan URL

URL: https://belu.inews.id/
Title: Belu

Search URL Search Domain Scan URL

URL: https://bima.inews.id/
Title: Bima

Search URL Search Domain Scan URL

URL: https://flores.inews.id/
Title: Flores

Search URL Search Domain Scan URL

URL: https://lombok.inews.id/
Title: Lombok

Search URL Search Domain Scan URL

URL: https://mataram.inews.id/
Title: Mataram

Search URL Search Domain Scan URL

URL: https://sumba.inews.id/
Title: Sumba

Search URL Search Domain Scan URL

URL: https://ternate.inews.id/
Title: Ternate

Search URL Search Domain Scan URL

URL: https://ttu.inews.id/
Title: TTU

Search URL Search Domain Scan URL

URL: https://www.inews.id/otomotif/mobil/deretan-mobil-di-film-catatan-si-boy-kini-banyak-diburu-kolektor
Title: Deretan Mobil di Film Catatan Si Boy Kini Banyak Diburu Kolektor

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/profil-johanis-tanak-jaksa-yang-dilantik-jokowi-jadi-wakil-ketua-kpk
Title: Profil Johanis Tanak, Jaksa yang Dilantik Jokowi Jadi Wakil Ketua KPK

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance/bisnis/7-orang-sukses-bisnis-di-usia-tua-ada-pendiri-kfc-dan-pemilik-mcd
Title: 7 Orang Sukses Bisnis di Usia Tua, Ada Pendiri KFC dan Pemilik McD

Search URL Search Domain Scan URL

URL: https://www.inews.id/sport/soccer/profil-dony-tri-pamungkas-gelandang-indonesia-u-20-pembobol-gawang-turki
Title: Profil Dony Tri Pamungkas, Gelandang Indonesia U-20 Pembobol Gawang Turki

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance/bisnis/pm-baru-inggris-rishi-sunak-lebih-tajir-dari-raja-charles-dari-mana-sumber-kekayaannya
Title: PM Baru Inggris Rishi Sunak Lebih Tajir dari Raja Charles, dari Mana Sumber Kekayaannya?

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/internasional/deretan-drone-kamikaze-iran-awalnya-dianggap-gagal-tapi-bisa-luluh-lantakkan-ukraina
Title: Deretan Drone Kamikaze Iran, Awalnya Dianggap Gagal tapi Bisa Luluh Lantakkan Ukraina

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle/seleb/deretan-cucu-artis-masih-bayi-sudah-punya-penghasilan-fantastis
Title: Deretan Cucu Artis Masih Bayi Sudah Punya Penghasilan Fantastis, Nomor 3 Tabungannya Rp2 Miliar

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance/bisnis/kisah-sukses-bebek-goreng-h-slamet-dari-modal-rp10000-kini-punya-cabang-di-mana-mana
Title: Kisah Sukses Bebek Goreng H Slamet, dari Modal Rp10.000 Kini Punya Cabang di Mana-mana

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle/seleb/artis-tutup-usia-saat-anaknya-masih-bayi
Title: 5 Artis Tutup Usia saat Anaknya Masih Bayi, Nomor 3 hanya Diberi Kesempatan Bertemu Sang Putri selama 40 Hari

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/po-bus
Title: PO Bus

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/tausiah
Title: Tausiah

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/artis-tutup-usia
Title: Artis Tutup Usia

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/anak-artis-masih-bayi
Title: Anak artis masih bayi

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/doa-harian
Title: Doa Harian

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/brigadir-j
Title: brigadir j

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/ilmu-tajwid
Title: Ilmu Tajwid

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/destinasi
Title: Destinasi

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/piala-asia-u-20-2023
Title: Piala Asia U-20 2023

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/piala-asia-u-20
Title: Piala Asia U-20

Search URL Search Domain Scan URL

URL: https://www.inews.id/update-korona

Search URL Search Domain Scan URL

URL: https://kemkes.go.id/
Title: Kementerian Kesehatan Republik Indonesia

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-corona-28-oktober-2022-kasus-positif-tambah-3015-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/kasus-covid-19-tambah-3029-orang-3-hari-berturut-turut-tembus-3000

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-26-oktober-2022-kasus-covid-19-tambah-3048-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/kasus-covid-19-bertambah-3008-orang-selasa-25-oktober-2022

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/kasus-positif-covid-19-tambah-1703-orang-hari-ini

Search URL Search Domain Scan URL

URL: https://www.inews.id/multimedia/video

Search URL Search Domain Scan URL

URL: https://www.inews.id/indeks/article

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/belajar-dari-pertahanan-dan-keamanan-digital-di-tengah-perang-rusia-ukraina

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/mendampingi-hari-hari-akhir-prof-azra-sungguh-cahaya

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/haornas-momentum-gotong-royong-nasional-untuk-raih-juara

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/tentang-kami
Title: Tentang Kami

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/redaksi
Title: Redaksi

Search URL Search Domain Scan URL

URL: http://www.jobsmnc.co.id/
Title: Karir

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/pedoman-media-siber
Title: Pedoman Media Siber

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/term-of-services
Title: Term Of Services

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/kontak-kami
Title: Kontak Kami

Search URL Search Domain Scan URL

URL: https://www.mncgroup.com/business-unit
Title: MNC Group Businesses

Search URL Search Domain Scan URL

URL: https://www.mncgroup.com/
Title: Profile MNC Group

Search URL Search Domain Scan URL

URL: https://www.mncpeduli.org/
Title: MNC Peduli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://www.facebook.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://twitter.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQA6NejSxQguRkD3L8eXHzA

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@inewsdotid

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://inewsntt.id/ HTTP 301
https://ntt.inews.id/?utm_source=inewsntt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 56

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=

Request Chain 68

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=3pa1X3x6em96UlZneGVoSmF4enZsSGw3b1VidEFQNjhJWC9sNlpma3RLMWtEY3krZHhzenVvSFFENWpHVkFlQktuSFg2Slp4SzFzaU16NVIwaXlBNjJlUC95VlhOV0FPZ2hIaEs4MlNtUmVFRFE5OEUvQ2luQ2lzV1duaXdPUFJUdWplbmh0Nkh6U1JRM1NIN0owaGN1Tlh5bW4vRTFNRkxtUmxxUkxMUEVTa2h1cEF5UmlsVE1rcWZJczhJMGp3dS82Q1hoZEZkellXcnQxaXJzdGx5L1FKNW9nc3VsWlgzL0tqZUVKandJczdoVTJVPXw&cppv=2

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wwcPUh2wULPKxA5PGZtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wwcPUh2wULPKxA5PGZtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

Request Chain 172

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

Request Chain 265

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

344 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ntt.inews.id/
Redirect Chain

http://inewsntt.id/
https://ntt.inews.id/?utm_source=inewsntt

107 KB
14 KB

1518ms
1355ms

Document
text/html

2600:9000:214f:4a00:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4a00:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f3c663a7c68483722dd841b8a6aed8b2e41fb1678863490a9ffbd5e5ce809032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 19:41:34 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-id: ut8BH2nTawvvRtVvrH1rUzl2CCcXTXf7_TWPhkfqmmJhJT03hXJBwA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7616264aac0fb7e5-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 28 Oct 2022 19:41:33 GMT
Expires: Fri, 28 Oct 2022 20:41:33 GMT
Location: https://ntt.inews.id?utm_source=inewsntt
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voMQS2LHem3svFX4InDYs1R1PCRVFvwob9jyz%2FZ4p9Hu%2BIBhP9D2uKY%2BBgFaDc57ctbBN6l%2FodAQW%2FOivOBVk4ZYq%2FVlaSR5LhAmfi26CWLyCoKjX9u4DO29M2E8fxp4rSrNAQy8YDcg8A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 189ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fbd81088593e3b0a44e53bbaac8420401a35d553e37ed59a7ca23267b029f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27417
x-xss-protection: 0
server: sffe
etag: "1377 / 170 of 1000 / last-modified: 1666955192"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Oct 2022 19:41:34 GMT

GET
H2 200 mix-desk-v2.min.css
static.inews.co.id/css/ 369 KB
52 KB 168ms
44ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840923
etag: W/"632193ea-5c365"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: INGRK8GFzp8X6kz02n4FBsaokCLnO7K5TBJgFY8HDGbEgbLa6V10-w==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 3kolom.css
static.inews.co.id/css/ 32 KB
6 KB 160ms
37ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/3kolom.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 04:07:08 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840923
etag: W/"62b92cec-7eb6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: tuitN4agd7ZWxdeS30Zu8meJIotZ__inQIHzvemt90Z4bruY3J-NVw==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 daerah.min.css
static.inews.co.id/css/ 940 B
792 B 198ms
75ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/daerah.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:41:29 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 2822405
etag: W/"61778473-3ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: fkXsEH1-GZUCy6eSkSHD_LY7kSy6mDZc82ZlvthYJY0QbpIOJS1owg==
expires: Mon, 03 Oct 2022 03:41:29 GMT

GET
H2 200 auto-complete.min.css
static.inews.co.id/css/ 533 B
712 B 158ms
35ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/auto-complete.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840923
etag: W/"61778478-215"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: FfHtOA2J0W9CF3sOuJdvj1NUgSM3UK7NGvSdDHIlVh3gY3vpICXoRQ==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 sticky_navbar.min.css
static.inews.co.id/css/ 3 KB
1 KB 198ms
75ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/sticky_navbar.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840923
etag: W/"61778473-ac7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: KeqddXJS5QB7yfOUcUva1LdgoHTCOH31dnUS9OBeEWA2UY7Kf_4OAw==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 swiper-bundle.min.css
static.inews.co.id/js/swiper/ 15 KB
5 KB 161ms
39ms Stylesheet
text/css 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/swiper/swiper-bundle.min.css
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:17:54 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Wed, 13 Apr 2022 08:03:41 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 9804220
etag: W/"625683dd-3b4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: r17WoinwmnNhH0GHtCMVqxI7WgvcROCAjIjF_9M5OAonwH-s8YPSkg==
expires: Thu, 14 Jul 2022 08:17:54 GMT

GET
H2 200 logoinews.png
img.inews.co.id/media/100/files/inews_new/2018/10/11/ 3 KB
4 KB 631ms
519ms Image
image/png 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/100/files/inews_new/2018/10/11/logoinews.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 4454
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-VWlNbXjsGs"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315357843
content-length: 3338
x-amz-cf-id: 1uwvJ4Vt78ayK4ktELExJ5bTvRwUJx0fWF8QeaVqxDSHxPHXx8PG7w==
expires: Mon, 25 Oct 2032 19:05:39 GMT

GET
H2 200 iNews@2x.png
static.inews.co.id/img/ 1 KB
2 KB 63ms
60ms Image
image/png 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/iNews@2x.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 06:36:08 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 6786327
etag: "61778473-5f8"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1528
x-amz-cf-id: ZMtth5VhTwTgxTxHaN6tQaimI1VBhUAf1--rNlsCY1uo_SaPMaQ5rA==
expires: Thu, 18 Aug 2022 06:36:08 GMT

GET
H2 200 icon-inews-tv.gif
img.inews.co.id/files/img/ 49 KB
49 KB 810ms
698ms Image
image/gif 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/img/icon-inews-tv.gif
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
etag: "5b6a89ce-c279"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 49785
x-amz-cf-id: r_YgFDamxF7wVzoFWVyGybjmBPlTKM0WNlTqJl3SvbxFIRnkbZmnvg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 right-menu.svg
static.inews.co.id/img/ 420 B
734 B 61ms
58ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/right-menu.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 01:37:22 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 4385052
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 15:07:39 GMT
server: nginx
etag: W/"6310cabb-1a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kKFibj54h0ZscKSvywH_9mTEH66pDBNGOKzQW2MwaeMrxEkyXdSMbg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 network.png
static.inews.co.id/img/ 550 B
935 B 76ms
73ms Image
image/png 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/network.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 07:01:17 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 2810418
etag: "6310cabe-226"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 550
x-amz-cf-id: hq2xev6GTKoCS2NZ6WrlxByZClsRfYlplnKtnrV8cSM12KNLCvgXUQ==
expires: Mon, 03 Oct 2022 07:01:17 GMT

GET
H2 404 ntt.png
img.inews.co.id/media/600/files/img/ 0
0 340ms
228ms Image
text/html 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/img/ntt.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 close-red.png
static.inews.co.id/img/ 421 B
807 B 76ms
74ms Image
image/png 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/close-red.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 23:30:45 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:39 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 4911050
etag: "6310cabb-1a5"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 421
x-amz-cf-id: we_L4uXl_nxzJ3EVijqF6hHH6keYR39q3Iw3zMMpMDnehe94zXyLRA==
expires: Thu, 08 Sep 2022 23:30:45 GMT

GET
H2 200 pencoblosan.jpg
img.inews.co.id/media/600/files/inews_new/2020/11/19/ 28 KB
28 KB 800ms
688ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/11/19/pencoblosan.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Thu, 19 Nov 2020 02:37:43 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fb5da77-173f8"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 28395
x-amz-cf-id: Gqk2htpD6lNljPQySOdAFr1kWABPFb_3IRigdLSBL934f82CRY7u2Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/04/ 21 KB
21 KB 332ms
221ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/04/lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 01:40:15 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc9937f-101e9"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 21234
x-amz-cf-id: iy-tHlG8xuhmCcDD3pZjw75hRI-fH480di2VnjT8AXxBjKKDTE__1w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 doni_monardo.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/ 48 KB
49 KB 830ms
719ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 04:33:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc71934-2db2f"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 49223
x-amz-cf-id: 7yXP9rDZeW8TkyGCf4OhFjISu5W-JrQN-fFTT8SheBYg814J0dvphg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 doni_monardo_di_ntt.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/ 20 KB
20 KB 727ms
727ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo_di_ntt.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 18:49:59 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc69057-11fd1"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 20070
x-amz-cf-id: SzY6IMj8NOMEJvNb3Mcx70MwnBO8okpeYW4jydicRDSZDWj6AtLXhg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pos_pantau_gunung_ile_ape.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/01/ 14 KB
14 KB 690ms
690ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/01/pos_pantau_gunung_ile_ape.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 00:39:50 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc590d6-ae85"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 14100
x-amz-cf-id: nBYPP-dmLxRY2pLej81IkaG7WxO8e2HomaQaN_uYwdPmvy3PRYXw2A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageload.png
img.inews.co.id/media/250/files/inews_new/ 2 KB
3 KB 557ms
557ms Image
image/png 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 5557
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-M5eBqsrbNV"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315357474
content-length: 2479
x-amz-cf-id: TDCh92Td-03XVeWkBeiT1KanRcUPKIQhc4AMM9nnTI3PeYWR_mIFXg==
expires: Mon, 25 Oct 2032 18:59:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 101ms
24ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 19:41:35 GMT
Content-Encoding: gzip
Age: 877
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (amb/6BBA)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

25ms
24ms

Script
text/javascript

2a03:2880:f245:e0:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Server: 2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:38:05 GMT
content-encoding: br
x-fb-trip-id: 1679558926
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843

Redirect headers

date: Fri, 28 Oct 2022 19:41:35 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 auto-complete.min.js Show response
static.inews.co.id/js/ 5 KB
2 KB 33ms
33ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/auto-complete.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 06:53:12 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 4279703
etag: W/"61778473-1462"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: WwXRwibDsiExYtFy0XeXbTvsLm2RfSwUhAyu7mDCiyaAu_Sr706wFw==
expires: Fri, 16 Sep 2022 06:53:12 GMT

GET
H2 200 mix-desk.min.js Show response
static.inews.co.id/js/ 228 KB
68 KB 43ms
39ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840924
etag: W/"61778473-390af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: TNa1EJmGPZPmmCIsrh_UuTDW4mewnnC02PRiuegEWhID7QUmU8UMxw==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 script-v2.js Show response
static.inews.co.id/js/ 4 KB
2 KB 57ms
53ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/script-v2.js?v=4
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:12 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 3840923
etag: W/"6310cabe-e6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: PvwdxIgLULj-P5sv1-yxrpfViqkWFuyXjsAY2td--WtoZK6BuI04SA==
expires: Wed, 21 Sep 2022 08:46:12 GMT

GET
H2 200 lazy.js Show response
static.inews.co.id/js/ 4 KB
2 KB 62ms
59ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/lazy.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 00:52:16 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 5424559
etag: W/"61778473-e1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: TrDjSQY3yAMvkCPRw8JfFA2cNQ9tzOtP73MyhCq7Lhl0JRmNLnfS4w==
expires: Sat, 03 Sep 2022 00:52:16 GMT

GET
H2 200 crypto-js.min.js Show response
static.inews.co.id/js/ 47 KB
17 KB 42ms
38ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/crypto-js.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 15:13:41 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 04:07:11 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 10643274
etag: W/"62b92cef-bcbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: 18eUVcmwL336kE7xKA8T-Rwa9gB9N-0O8kTOA_u1PcPqkmRFbNVIMA==
expires: Mon, 04 Jul 2022 15:13:41 GMT

GET
H2 200 swiper-bundle.min.js Show response
static.inews.co.id/js/swiper/ 132 KB
37 KB 70ms
67ms Script
application/javascript 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/swiper/swiper-bundle.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:17:55 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Wed, 13 Apr 2022 08:03:47 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 9804220
etag: W/"625683e3-20eb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: EW6iOSNtTDDxs13uus6SM4X2O3uBR2njOuSMxn7iYMdLjIY6EdWpQw==
expires: Thu, 14 Jul 2022 08:17:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 116ms
38ms Script
application/javascript 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 04:15:54 GMT
content-encoding: gzip
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 55542
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: DCD-Txff7kEszMigFZSW7f0lXXmFkE4NHAdO0W_UqULPHNNeG10maA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
59 KB 201ms
76ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0b1b13de5aed0702a746fc178a7889296fbe79e5b4bee6793e65d729ff0e794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59544
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.php Show response
hbs.ph.affinity.com/v5/inews.id/ 3 KB
2 KB 560ms
138ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/inews.id/index.php?t=28919
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 19:41:35 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: close
Expires: Sat, 28 Oct 2023 19:41:35 GMT

GET
H2 200 chevron-down.svg
static.inews.co.id/img/ 212 B
743 B 65ms
65ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/chevron-down.svg
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 19:02:34 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3371941
x-cache: Hit from cloudfront
content-length: 212
last-modified: Tue, 26 Jul 2022 07:32:36 GMT
server: nginx
etag: "62df9894-d4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q4RBazxegyJePNPyQydz5ivXMECqTiucsUj6ukntK8EbbIOLn0WOpA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-live.svg
static.inews.co.id/img/ 2 KB
1 KB 65ms
65ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/icon-live.svg
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 03:35:06 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3341188
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
etag: W/"6310cabe-8a1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PB5Toitjn0Jd3WxcgCEHy8FxhyFltE-Wrtpzu6I_T1JVLInj5t5Q1Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
static.inews.co.id/fonts/ 18 KB
18 KB 745ms
678ms Font
font/woff2 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "61778473-466c"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18028
x-amz-cf-id: aorji-0V__yZrRYfNjDuMrRA_GKZxGgT01zhcQfD4b1Dg21TL6Rnwg==

GET
H2 200 pubads_impl_2022102601.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 138ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130414
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:37:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Oct 2023 15:54:36 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 374 B
801 B 147ms
67ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntt.inews.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:35 GMT

GET
H2 200 ntt Show response
ntt.inews.id/getstreaming/desktop/ 0
1 KB 835ms
835ms XHR
text/html 2600:9000:214f:4a00:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ntt.inews.id/getstreaming/desktop/ntt

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4a00:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-amz-cf-id: gF19bTRfAR02MnbhD3zC9y5GAxHeLqn_Frc6igxLpHoe2pukAnXVUw==
x-xss-protection: 1; mode=block

GET
H2 200 editor_choice Show response
sindikasi.inews.id/widget/desktop/ 17 KB
18 KB 867ms
756ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/editor_choice?id=ntt&div=sideLeft0&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

83bc7f39d7324eaeff30ed92ba481e3e7df76caf527c64ad75ad382695537cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: YXdW_ZD-3_6PjBnHAWaMOZBmheAKNF8yP9vExWsH69mwVNIgb_rSKw==
x-xss-protection: 1; mode=block

GET
H2 200 popular_news Show response
sindikasi.inews.id/widget/desktop/ 0
395 B 860ms
749ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/popular_news?id=ntt&div=sideLeft1&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: djdH59OJ6kJQcht51OKT0lTEdllwSUzn2Bz7m3MIdQbIYt1j2CNQpg==
x-xss-protection: 1; mode=block

GET
H2 200 popular_topics Show response
sindikasi.inews.id/widget/desktop/ 2 KB
2 KB 758ms
648ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/popular_topics?id=ntt&div=sideLeft2&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f90cd04dc1006016008bd0871afff0f43d86119da3e193c01bbeb565c73abcd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: INOK8cRYFIkxoZb7-OOKy8fWKAPwJsl2AsKs3Pby8HhvgzY2C2hO8g==
x-xss-protection: 1; mode=block

GET
H2 200 banner-right Show response
sindikasi.inews.id/widget/desktop/ 0
395 B 797ms
687ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/banner-right?id=ntt&div=sideRight1&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: kn8ggNO6O3u-o6EZGfwurBlos7_-jHfLSv10TtZdoz1JeCNPTsIWwg==
x-xss-protection: 1; mode=block

GET
H2 200 streaming Show response
sindikasi.inews.id/widget/desktop/ 384 B
790 B 713ms
604ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/streaming?id=ntt&div=sideRight2&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: OhiR9qD3cA4FkKvgw-MPAmf8koqrQvDOvb2LUPmvkdMOI7tEAYG4ZA==
x-xss-protection: 1; mode=block

GET
H2 200 korona Show response
sindikasi.inews.id/widget/desktop/ 10 KB
10 KB 857ms
749ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/korona?id=ntt&div=sideRight3&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d7663ee1989dfd44fd9c92ec602e35e61237b52c30272e584ad5807f88e8aa02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: nCWBtVwliDfYKrDO0zbJlnT7h0aEWPwGrLC_zo--7FEhG06tSFk8fA==
x-xss-protection: 1; mode=block

GET
H2 200 side_video Show response
sindikasi.inews.id/widget/desktop/ 10 KB
11 KB 808ms
700ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/side_video?id=ntt&div=sideRight4&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: KePdmwsGw4GWTGV_TIQL5qAMLoGySQafLoHeeLQhyq2DLmIH4gY30Q==
x-xss-protection: 1; mode=block

GET
H2 200 side_photo Show response
sindikasi.inews.id/widget/desktop/ 181 B
585 B 853ms
745ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/side_photo?id=ntt&div=sideRight5&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: X04K-YCww1Ccn6giWV18Xgqlc3yYF9NgeqeXHQQfNsEt130xSMUpqQ==
x-xss-protection: 1; mode=block

GET
H2 200 mncportal Show response
sindikasi.inews.id/widget/desktop/ 502 B
906 B 776ms
669ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/mncportal?id=ntt&div=sideRight6&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: u2gB7ksMSBiqLCLQEtTFgKBmu2-GUEenRkVytOOoUmHuQ7LkkkSt8A==
x-xss-protection: 1; mode=block

GET
H2 200 rctiplus Show response
sindikasi.inews.id/widget/desktop/ 785 B
1 KB 790ms
683ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/rctiplus?id=ntt&div=sideRight7&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: UJxK16NL6SxEAJsM4mh6f7NJ3ddHZQ0zUFJ_vs-2XBpa7RPmSzilSw==
x-xss-protection: 1; mode=block

GET
H2 200 visionplus Show response
sindikasi.inews.id/widget/desktop/ 756 B
1 KB 778ms
672ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/visionplus?id=ntt&div=sideRight8&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: fTI0fiMiji46TYT3U9pGQ3N9O5oRW_aYH8R9xl0rhUg4-kG7rC9mRA==
x-xss-protection: 1; mode=block

GET
H2 200 article Show response
sindikasi.inews.id/widget/desktop/ 4 KB
5 KB 796ms
690ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/article?id=ntt&div=sideRight9&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: FiAQ98-y3p4i4AYiAb6ybjUmmitpCOEIdDWHK5nG6FA_v59QPgDkdg==
x-xss-protection: 1; mode=block

GET
H2 200 social_media Show response
sindikasi.inews.id/widget/desktop/ 4 KB
4 KB 869ms
763ms XHR
text/html 2600:9000:211e:2800:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/social_media?id=ntt&div=sideRight10&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: d6u2pSKs9oBihMxwpu07h8lI1cxrcu9Tnb-G1vsUtwXcUOR0t746JA==
x-xss-protection: 1; mode=block

GET
H2 200 slick.woff
static.inews.co.id/plugins/slick/fonts/ 1 KB
2 KB 531ms
530ms Font
font/woff 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/plugins/slick/fonts/slick.woff
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:49 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "61778479-564"
x-cache: Miss from cloudfront
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1380
x-amz-cf-id: _ZFI_10j8NLuVUXFdB6Xu4N_OpYK2bIvGV3kmEShH6tzoMNrsH5WqQ==

GET
H2 200 ajax-loader.gif
static.inews.co.id/plugins/slick/ 4 KB
4 KB 34ms
33ms Image
image/gif 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/plugins/slick/ajax-loader.gif
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 10:02:25 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 5737150
etag: "61778473-1052"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
x-amz-cf-id: my18pBefLtDcB79J841EBBJQRqIr79ZK7We9kPbh85dWwhgzuzXrHQ==
expires: Tue, 30 Aug 2022 10:02:25 GMT

GET
H2 200 load-aiml Show response
ntt.inews.id/ 3 KB
1 KB 747ms
747ms XHR
text/html 2600:9000:214f:4a00:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntt.inews.id/load-aiml
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XbiUAoocfFCt2BqvetgbVEPMme9XfsF4nrQZ-qK_qdTLguHhrAFmkg==

GET
H2 200 6.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/ 8 KB
9 KB 532ms
531ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/05/6.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 07:42:25 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fcb39e1-9930"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8477
x-amz-cf-id: 4O_InaYEzKHAj_6kdySmLfIX5uZ6f4CNhC2k8w4J6PaY8HujtywoBA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/ 6 KB
7 KB 544ms
544ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/05/3.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 05:55:47 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fcb20e3-4f7e"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 6337
x-amz-cf-id: qk8BEdwsoZ1tlBp-RSNlwki56-fJjvxo04ePbfchcD9cqm1ZYQqkfw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 4B33 320 KB
104 KB 24ms
24ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBE) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 723452
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Oct 2022 19:41:35 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BBE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terki...
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terk...

0
190 B

34ms
33ms

Image
text/plain

99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: HQPzkVR38kKRnZL1KO7snw8A2zlIowKBinFERLQbRNyBctBmGil8Hw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986095147&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: ruDbhUhpz77CJgbyvDwHND7PeEGbMvxJmSYBEIKwLnQ8EWCcn6IoWA==
x-cache: Miss from cloudfront

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4B33 851 B
676 B 201ms
135ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7b14bd6e486c7c3f4381eeac08b3b1d34503f80f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 28 Oct 2022 19:41:35 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a0f34b743857d9e5
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 0463c8a56d69da4a3f68365323326b4907f24cb2c9aca9fd51c404ee86222a14
content-length: 355

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 231ms
67ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ntt.inews.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 195ms
70ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntt.inews.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
20 KB 658ms
542ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276164758618919&correlator=2571363665281834&eid=31070618%2C31069596&output=ldjh&gdfp_req=1&vrg=2022102601&ptt=17&impl=fifs&iu_parts=7108725%2CHome-TopLeaderboard%2CDesktop-Home-Billboard%2CDesktop-Home-Rectangle1%2CDesktop-Home-BottomBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x90%2C300x250%2C970x90&ifi=1&adks=3239413752%2C3215994126%2C4046664198%2C1852379673&sfv=1-0-38&prev_scp=Room%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional&sc=1&cookie_enabled=1&abxe=1&dt=1666986095361&lmt=1666986095&dlt=1666986094774&idt=554&adxs=591%2C436%2C1084%2C315&adys=65%2C242%2C374%2C1062&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&frm=20&vis=1&psz=757x5%7C1106x132%7C254x18%7C970x-1&msz=728x5%7C728x90%7C250x0%7C970x-1&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0&ga_vid=1152857890.1666986095&ga_sid=1666986095&ga_hid=1420215835&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2564630d22bffeac0e4b88f758105ac5dbf214d7b6cecc4115bc11a7c0beb52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20564
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3967 6 KB
4 KB 206ms
66ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Sat, 28 Oct 2023 19:41:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 234ms
112ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-59VRJBF

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b372a44f8dcf99b5a328b030e230bbd6a592e2ac1cdd77240adbeaf3fa74af30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 19:41:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 176ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 19:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2377
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 21:01:58 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159495/4556/ 319 KB
97 KB 119ms
36ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:39:04 GMT
server: Apache
etag: "10a1a71-4fddc-5cf4f03122543"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=138417
accept-ranges: bytes
content-length: 99148
expires: Sun, 30 Oct 2022 10:08:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 137ms
73ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fd21af5cc4f03938b58e90547b064fdeffeaf160ad534957d96c453dcc09b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 19:41:35 GMT

GET
H2 200 v2.js Show response
cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/ 62 KB
23 KB 348ms
47ms Script
application/javascript 64.185.181.185
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/inews.id/index.php?t=28919
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b-d.bitgravity.com
Software: v/6.5.0/6.5.14/vb4ams1-www / PHP/7.3.6
Resource Hash: 657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-version: 9
date: Mon, 03 Oct 2022 14:19:31 GMT
content-encoding: gzip
server: v/6.5.0/6.5.14/vb4ams1-www
age: 2179902
x-tata-request-id: 57230cab49304e30e6a8259a229e4149, 57230cab49304e30e6a8259a229e4149
x-powered-by: PHP/7.3.6
vary: Accept-Encoding
x-cache: HIT,vb4ams1
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22673
expires: Sat, 28 Oct 2023 19:41:35 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 832ms
273ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ntt.inews.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 231183
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=3pa1X3x6em96UlZneGVoSmF4enZsSGw3b1VidEFQNjhJWC9sNlpma3RLMWtEY3krZHhzenVvSFFENWpHVkFlQktuSFg2Slp4SzFzaU16NVIwaXlBNjJlUC95VlhOV0FPZ2hIaEs4MlNtUmVFRFE5OEUvQ2luQ2lzV1duaX...

378 B
659 B

106ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3pa1X3x6em96UlZneGVoSmF4enZsSGw3b1VidEFQNjhJWC9sNlpma3RLMWtEY3krZHhzenVvSFFENWpHVkFlQktuSFg2Slp4SzFzaU16NVIwaXlBNjJlUC95VlhOV0FPZ2hIaEs4MlNtUmVFRFE5OEUvQ2luQ2lzV1duaXdPUFJUdWplbmh0Nkh6U1JRM1NIN0owaGN1Tlh5bW4vRTFNRkxtUmxxUkxMUEVTa2h1cEF5UmlsVE1rcWZJczhJMGp3dS82Q1hoZEZkellXcnQxaXJzdGx5L1FKNW9nc3VsWlgzL0tqZUVKandJczdoVTJVPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5add5d287e6b6f9b99b7f301c985443c82a183b9e769f759c70752d563c8fd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1410344
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=3pa1X3x6em96UlZneGVoSmF4enZsSGw3b1VidEFQNjhJWC9sNlpma3RLMWtEY3krZHhzenVvSFFENWpHVkFlQktuSFg2Slp4SzFzaU16NVIwaXlBNjJlUC95VlhOV0FPZ2hIaEs4MlNtUmVFRFE5OEUvQ2luQ2lzV1duaXdPUFJUdWplbmh0Nkh6U1JRM1NIN0owaGN1Tlh5bW4vRTFNRkxtUmxxUkxMUEVTa2h1cEF5UmlsVE1rcWZJczhJMGp3dS82Q1hoZEZkellXcnQxaXJzdGx5L1FKNW9nc3VsWlgzL0tqZUVKandJczdoVTJVPXw&cppv=2
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 320703
content-length: 0
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 80ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-10CQL436CK&gtm=2oeaq0&_p=1420215835&cid=1152857890.1666986095&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666986095&sct=1&seg=0&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
66ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1420215835&t=pageview&_s=1&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&ul=en-us&de=UTF-8&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACAEK~&jid=2102389980&gjid=1875067085&cid=1152857890.1666986095&tid=UA-109056487-1&_gid=2069587307.1666986096&_r=1&gtm=2wgaq05W2Q4KP&cd1=null&cd2=null&cd3=0&cd4=Non%20AMP%20Page&cd5=GTM-5W2Q4KP&cd6=1666986095397.lgfafc79&cd8=2022-10-28T19%3A41%3A35.397%2B00%3A00&cd9=null&cd10=null&cd11=null&cd12=null&cd13=null&cd14=null&cd15=null&cd16=null&cd17=null&cd25=gtm.js&cd7=1152857890.1666986095&z=1191553056

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
66ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 live.jpg
img.inews.co.id/files/img/ 41 KB
41 KB 194ms
194ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/img/live.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 173991
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 41749
server: nginx
etag: W/"PSA-aj-fewYzPc9mg"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357471
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tevC9b19Z66gsCmduHkzHp0ooThapglIntoRDtH-zQZcRXO5U0oAzQ==
expires: Mon, 25 Oct 2032 18:59:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 97ms
32ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-1&cid=1152857890.1666986095&jid=2102389980&gjid=1875067085&_gid=2069587307.1666986096&_u=aCDACEAARAAAACAEK~&z=689731447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 19:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 96ms
31ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-4&cid=1152857890.1666986095&jid=2051690406&gjid=1755061027&_gid=2069587307.1666986096&_u=aCDACEABRAAAACAEK~&z=1811310577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 19:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 open-sans.bold.ttf
static.inews.co.id/fonts/ 219 KB
220 KB 674ms
674ms Font
application/octet-stream 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/open-sans.bold.ttf
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "61778478-36d50"
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 224592
x-amz-cf-id: -M5-8sgBEiPDWtuT3eE8zvJ3zaYE6hsktLBDFPEZeBY4Zi0iNFwY4Q==

GET
H2 200 widgetvisionplus Show response
sindikasi.okezone.com/widget/iframe/ 96 B
367 B 317ms
214ms XHR
application/json 2600:9000:2057:4400:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/iframe/widgetvisionplus
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: 10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: Apache/2.4.9 (Unix)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 96
x-amz-cf-id: YxLWJAdPZJxTSgenpsmog3_3NiKi1gQ23HGgYlhopd9zGrMWwBmSRA==

GET
H2 200 create-geolocation Show response
ntt.inews.id/ 160 B
593 B 911ms
911ms XHR
application/json 2600:9000:214f:4a00:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntt.inews.id/create-geolocation?geolocation=false&latitude=&longitude=&action=created
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e422403281420a90feba7e93d1f0466fa665920be93d27b8bac2c2bde5cddd8c

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: br
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f44OttiUK8WImmILDsDTppxxPYKYPMY5efliBPez-nJb9NBuvlB3Zg==

GET
H2 200 widgetrctiplus Show response
sindikasi.okezone.com/widget/iframe/ 198 B
467 B 308ms
215ms XHR
application/json 2600:9000:2057:4400:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/iframe/widgetrctiplus
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: 84c7322f4f885921d401998ef0591b2816e1412d8bee03ba2e3bc10de8d94401

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: Apache/2.4.9 (Unix)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 198
x-amz-cf-id: RLojZZoe12fwToxRmmLMs5gf9srxY2q49Vh2Im1O0BOh0cGg2tFg0A==

GET
H2 200 vidicon_play_image.png
img.inews.co.id/files/inews_new/2019/01/09/ 3 KB
4 KB 517ms
517ms Image
image/png 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/inews_new/2019/01/09/vidicon_play_image.png
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 5410
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 3253
server: nginx
etag: W/"PSA-aj-SlCzXrTPH6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315357660
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QDEvJtQn4lbArosP1c7KUWumI6g7N3kZ24xo9wAS9EVhMfpv9YsKFw==
expires: Mon, 25 Oct 2032 19:02:37 GMT

GET
H2 200 harryanto_aryodiguno_perindo_ist.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/19/ 3 KB
4 KB 195ms
194ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/19/harryanto_aryodiguno_perindo_ist.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 3914
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-2s3pZjIaxZ"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357563
content-length: 3516
x-amz-cf-id: xI7Y8MVQSay1FqDC0WM3nMgX3CGXBQqgMTjiB7q1_ndYDodoykVWPw==
expires: Mon, 25 Oct 2032 19:01:00 GMT

GET
H2 200 yadi_hendriana_mpi.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/18/ 3 KB
3 KB 192ms
192ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/18/yadi_hendriana_mpi.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 3471
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-nZVaeBqKeq"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357669
content-length: 3060
x-amz-cf-id: YtZsJfmf-virifBs43kfizT1toIpL5VT0cXyn3Ru6b9hwQPwGB3ojw==
expires: Mon, 25 Oct 2032 19:02:46 GMT

GET
H2 200 agus_kristiyanto_dokpri.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/10/ 8 KB
8 KB 195ms
195ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/10/agus_kristiyanto_dokpri.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 8661
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-PDqmdSBvED"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357543
content-length: 8228
x-amz-cf-id: 18rA0osL_9206mZnxGpjgH8jM3p1xffwfpj7swr8Zz44nPwS81fXFA==
expires: Mon, 25 Oct 2032 19:00:40 GMT

GET
H2 200 fontawesome-webfont.woff2
static.inews.co.id/fonts/ 75 KB
76 KB 353ms
352ms Font
font/woff2 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "61778478-12d68"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: 171vDcWGB5EaqW1KKGq9LwqmWrJjlBpad8fu8yadc5I_VWvWF2B11Q==

GET
H2 200 imageload.png
img.inews.co.id/media/400/files/ 4 KB
5 KB 201ms
197ms Image
image/png 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/400/files/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"60c3deb8-229c"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4318
x-amz-cf-id: AvUWLBvMQW9k0his7Ik6gV_teb1u_gCqYvL3W5_30r8HZMeAZs0Uaw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageload.png
img.inews.co.id/media/150/files/ 512 B
871 B 199ms
195ms Image
image/png 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e5ba3f57c4b22922d41bed7f247fbfcd228bb7a8fbc575a0872114a1807d54db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 1392
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-klL7SA0ER0"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315354442
content-length: 512
x-amz-cf-id: C87cd9Hkcy1g8C1vDuKD7HrrqQtimM89NN5d2M8CCqJIw_PuZ__wKg==
expires: Mon, 25 Oct 2032 18:08:59 GMT

GET
H2 200 korban_tersambar_petir.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/ 6 KB
6 KB 544ms
539ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/03/korban_tersambar_petir.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 04:50:24 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc86e90-1210a"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5991
x-amz-cf-id: avOIw7h_FK_mtR1eUoYKPyu8SuWV1_NAjv5RP6v8-PlZEUr2vbMsrg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tes_swab.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/ 8 KB
9 KB 526ms
522ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/03/tes_swab.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 03:06:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc85650-1a958"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8566
x-amz-cf-id: p9x1MTqbzM1BndHm8SNgWPV3Rlv0oLefGTQ1gN1BNFmv4hPHxqzokQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/02/ 6 KB
6 KB 233ms
229ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/02/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 09:10:44 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc75a14-5afd"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5996
x-amz-cf-id: umUWfuPaJ-niqD0JASfI6uwr0p1Pj7DudV1itANlxdx894mQ2nq5JQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lokasi_dapur_umum_pengungsian.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/02/ 7 KB
7 KB 565ms
562ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/02/lokasi_dapur_umum_pengungsian.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 06:33:38 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc73542-13841"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 6681
x-amz-cf-id: O2xqLxZSZTDEXMDy56SBQCDIDmFPdgjv0DCJiKbhHOFACmO9h8omMw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/01/ 4 KB
4 KB 238ms
234ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/01/ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 17:20:33 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc529e1-b572"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3839
x-amz-cf-id: LhgM9Ff15xnYwPChV5VvcXthT-ENNkvR-N19ml6AnlWNJBYr0jeNTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 8 KB
9 KB 589ms
585ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 09:44:52 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc36d94-2f50f"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8527
x-amz-cf-id: m_z8LNKFF-CQOGztj5VPpbdKuL8WYeUZOrsT9FbT0au7EdqtHM8n9Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 7 KB
8 KB 607ms
604ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:22:03 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc35a2b-5c56"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 7615
x-amz-cf-id: 2Sd5EDnKNTFyBNRP1Td-vG2nIhHtJoJ_OLqwIfnDJYlPBUu4CtKCZA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 6 KB
6 KB 551ms
548ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/19.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:00:35 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc35523-7d43"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5700
x-amz-cf-id: Bq-4ODVQ3kwkS-Ge2fCQbb8Oyp3s16ZGWuyGXeP-vICk6R_5VGeE7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 4 KB
4 KB 563ms
561ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/17.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 07:41:39 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc350b3-3540"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4004
x-amz-cf-id: iZ1aBQUXPYx708lIzpj00rfaTg-0863ONGLzPhQ5p5q8hZDAIfUS6A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok_erupsi.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 8 KB
8 KB 552ms
549ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok_erupsi.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 04:28:47 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc3237f-13199"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 7736
x-amz-cf-id: _Nk_W2xnUEnj-KA3GkxtMwey0CvovqZdjBLLoebas1yY3uK5ZVY4Eg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/27/ 4 KB
4 KB 598ms
595ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/27/gunung_ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Fri, 27 Nov 2020 00:55:01 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc04e65-f536"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4199
x-amz-cf-id: QiCzrM3vRM6m3oHJvY2G2svVA6c1ltreDEaf0SgVNJVIeYyv-vDQQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aktivis_mahasiswa_di_kabupaten_sikka.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/26/ 12 KB
12 KB 581ms
579ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/26/aktivis_mahasiswa_di_kabupaten_sikka.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Thu, 26 Nov 2020 05:31:05 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fbf3d99-3220b"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 11814
x-amz-cf-id: gpcRMjeacDtBBeDP1_M3ybNiXNdSuCrSPQWKK-kEBB5d8Mut0FDLrQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6.JPG
img.inews.co.id/media/400/files/inews_new/2020/12/05/ 16 KB
16 KB 720ms
717ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/400/files/inews_new/2020/12/05/6.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 07:42:25 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fcb39e1-9930"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 15944
x-amz-cf-id: O6ClEWBuv6RZw8w_LYAjwf_zR1Df3zdW17-y6nTXnEgSQ2EieQmbVg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/05/ 3 KB
4 KB 225ms
223ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/12/05/3.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 05:55:47 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fcb20e3-4f7e"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3405
x-amz-cf-id: xxIxDCAd3QWN7wLYjXtJazNn0jcC_t81e_LnrV3SgJmXnpaGOQVSFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/02/ 3 KB
4 KB 591ms
589ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/12/02/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 09:10:44 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc75a14-5afd"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3348
x-amz-cf-id: uXnOb6rpA5yChc47_s8xJ-OlR0TsxMbz2IpV1qBXC_Tt3GZ7BkejLw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/ 4 KB
4 KB 237ms
235ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/11/29/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:22:03 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc35a2b-5c56"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3872
x-amz-cf-id: 28YyDyjpVrfbkwRDzJ6fSdPJ4NT51DyqGUp4P3kNy-x0p8sfv9x1hA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/ 3 KB
3 KB 547ms
546ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/11/29/19.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:00:35 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5fc35523-7d43"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 2972
x-amz-cf-id: _d4Kp_BOZObs3miaCAbvhgbPpzu-1blp5N4NkMZOVQ7MsvhXWjzxOg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 164ms
95ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1152857890.1666986095&jid=2102389980&_u=aCDACEAARAAAACAEK~&z=14378892

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 165ms
95ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1152857890.1666986095&jid=2102389980&_u=aCDACEAARAAAACAEK~&z=14378892

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 166ms
98ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1152857890.1666986095&jid=2051690406&_u=aCDACEABRAAAACAEK~&z=1594350520

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 163ms
94ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1152857890.1666986095&jid=2051690406&_u=aCDACEABRAAAACAEK~&z=1594350520

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK affhb.data.js.php Show response
hbs.ph.affinity.com/v5/hvr_man_inews.id/ 53 KB
18 KB 418ms
143ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=28919
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: d9b79a57f428a5baf8ee33e293e29d0c80fc6bc35e41a7de31fd300043b35846

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 19:41:36 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: close
Expires: Sat, 28 Oct 2023 19:41:36 GMT

GET
H2 200 covid_xbb.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/24/ 7 KB
7 KB 538ms
537ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/24/covid_xbb.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 399df4ffb74468b7e1771d90241c65fa17b40df94a37414a4c86ef1a189048a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 7148
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-lKmi-b6psc"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357946
content-length: 6721
x-amz-cf-id: ZwoIkNBSNT5FN0CO0qLqxWYw7NwflAAc6dUPKfiNW7U8c8WkHBeq5w==
expires: Mon, 25 Oct 2032 19:07:23 GMT

GET
H2 200 nakes_lampung.jpg
img.inews.co.id/media/200/files/inews_new/2021/08/31/ 5 KB
6 KB 514ms
512ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2021/08/31/nakes_lampung.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 97cae52e82c98d08065ab910fab3cca6312087b28166c64e4f4835047764bdd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 5778
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-pXl1kU8VCe"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358464
content-length: 5398
x-amz-cf-id: jokgYiokV5fIGwpehgbq9_ebiuxhpU4XgGfWvYgRZdTkwRRrIlaYVA==
expires: Mon, 25 Oct 2032 19:16:01 GMT

GET
H2 200 27_marinir_covid__5_.jpg
img.inews.co.id/media/200/files/inews_new/2020/04/27/ 6 KB
6 KB 537ms
535ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2020/04/27/27_marinir_covid__5_.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 64d315994da14bb2f433e0abf69714d6ec19be4a4a21e702d51c6586fb10fce3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 27 Apr 2020 10:31:39 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5ea6b48b-14774"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 6100
x-amz-cf-id: OSpC00t5Pl5-kzQqtYJLhRNvTTo-Sd-F4UecOAMdQbW0iBnclsxLfg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 covid_19.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/13/ 5 KB
5 KB 557ms
556ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/13/covid_19.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d94a580a9519b03cb06fa57722ac3f0b81ac6326e3fbc64a2145dd85a0191eb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 5620
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-hOPeQBN2qY"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357928
content-length: 5252
x-amz-cf-id: _V3BAeL0POmGQFUNQPerYIQFAJLTEzolWBMFmtZpnIRPdgJyVHYMKA==
expires: Mon, 25 Oct 2032 19:07:05 GMT

GET
H2 200 covid.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/09/ 6 KB
6 KB 556ms
555ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/09/covid.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a9fccc53c5bbfb0423017d4e08833868354aa92e33b3f7c88f9b1e586de35c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 6160
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-3U_Ng3Bz8M"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358964
content-length: 5774
x-amz-cf-id: 0QLp2vA6b1lPJHuUi-p-hKQrSXkKwJ0dKXlsI-pIHEXUvnp9Ru6TdA==
expires: Mon, 25 Oct 2032 19:24:21 GMT

GET
H2 200 IG.svg
static.inews.co.id/img/ 3 KB
2 KB 36ms
35ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/IG.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:21 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840973
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-d09"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b8q72mtJXw0ran5UL6tjP826FHDSdPka2-1LhYHgmSoS_q_GZUIxgQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FB.svg
static.inews.co.id/img/ 795 B
983 B 35ms
34ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/FB.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:21 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840974
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-31b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A2iAIGbaEI4ldPi_k7_oGtqzbl1_9MFQRv0HcT9v3_UaQTZurxP09A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TWITTER.svg
static.inews.co.id/img/ 1 KB
1 KB 36ms
35ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/TWITTER.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840973
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-5ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nli7ddEsAXDiArBZzfxEnXSLqcoCj3LzgMg7osFo6kwOuykKEmmpvQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 YT.svg
static.inews.co.id/img/ 1 KB
1 KB 37ms
35ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/YT.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840973
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-4be"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m459cZXG0w-NJEShp8tNNRWy4gJ6nDKuWnKeQcSHC6ViUq5pWN8lXw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TIKTOK.svg
static.inews.co.id/img/ 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/TIKTOK.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840973
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KjeaNe3s61zjeb7su9v6I_WwXhc5d1SJDXtilYvY2aASVEQ93uV6vg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mnc-portal-2.svg
static.inews.co.id/img/ 11 KB
5 KB 40ms
39ms Image
image/svg+xml 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/mnc-portal-2.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3840974
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-2ddb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eT-SsjLVsBNcK3E6bBUAbhIJNB6OUUNUzI2lAwXEOy8pNHpmZBEmXw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_20221028_215446.jpg
img.inews.co.id/media/150/files/inews_new/2022/10/28/ 4 KB
5 KB 201ms
200ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/10/28/IMG_20221028_215446.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1b5849b2b7261637d488dade2254dd3cd72460a42115f20a05ac2c2d91d6bd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"635bed58-196d2"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4471
x-amz-cf-id: krq48hEvT4RBkrnE8rRWQj89FfiZ0zUqFpjJ3oc7J38rSVUPC8wfGA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 johanis_tanak_kpk__1_.jpg
img.inews.co.id/media/150/files/inews_new/2022/09/29/ 4 KB
5 KB 525ms
524ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/09/29/johanis_tanak_kpk__1_.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8eec4c634ff559c18a211db765d67d4a3a99f7423aea7ca2e2566bebc9f43b73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 4657
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-AdBvkAy5QU"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315356561
content-length: 4273
x-amz-cf-id: Pq_tO2znHRcmoWMWmrnqzBgDV6uLpOJ9ahaQ0h60FWLNoH700pRVAw==
expires: Mon, 25 Oct 2032 18:44:18 GMT

GET
H2 200 kfc_dan_mcd.jpg
img.inews.co.id/media/150/files/inews_new/2022/10/28/ 3 KB
3 KB 505ms
504ms Image
image/jpeg 2600:9000:2057:d200:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/10/28/kfc_dan_mcd.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12c3cd78874d03008bd2d81d65b41c683e18dca113e63e38cf690e97033f7087

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-original-content-length: 3471
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"PSA-aj-2zMyX4CNmo"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357476
content-length: 3045
x-amz-cf-id: 9J2qmYVRlARc_BC8aZJEFybXTiVdfVjI2qS1ouP_Aw46PHZkZ4fvRg==
expires: Mon, 25 Oct 2032 18:59:33 GMT

GET
H2 200 footer-sq-top.png
static.inews.co.id/img/ 1 KB
2 KB 35ms
35ms Image
image/png 2600:9000:214f:a00:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/footer-sq-top.png
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:12:19 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 4940956
etag: "6310cabe-54f"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1359
x-amz-cf-id: legb_29XoWh13qZpFiHMdOxPY-JbIvvvwIfLmg2w_hvI-BEJIleBng==
expires: Thu, 08 Sep 2022 15:12:19 GMT

GET
H3 200 container.html Show response
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0017 6 KB
3 KB 125ms
62ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Sat, 28 Oct 2023 19:41:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F988 6 KB
3 KB 119ms
61ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Sat, 28 Oct 2023 19:41:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E82 6 KB
3 KB 114ms
59ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Sat, 28 Oct 2023 19:41:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB63 6 KB
3 KB 117ms
65ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Sat, 28 Oct 2023 19:41:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 84AF 624 B
560 B 140ms
69ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNUS95kojb41EbV7HVWm2qDDUZPVppb4m57etSJRwRYwhJ9NHtHfvRrqFDzUEQFzN87irYkRvTi9IJUkGGGblhM6jLdUzm_1L_MqEgJVqFRliufkxSLpi-XV4b6l91-RJno82RuPAjv5Fub2c4Lh2KRSuIk0VxmaBg6QZ_Rr0ZsCSeqvWTw

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:36 GMT
expires: Fri, 28 Oct 2022 19:41:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2E82 80 KB
34 KB 174ms
104ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrEE3vDwUhK5RrVzSiHini0FMHBPnhn3ajRgNjLaolfELIcwPVkU4j8oNzIvMtqXEOYFRTKsXM8X1--ttBilslB4fLSw&cry=1&dbm_d=AKAmf-DMf6nD5bgWr_3LN8T73RK2ENIFnr2HoRnkFojufcCwCnchu5tFH1NQ6ivKIMuJtNZ4W5zwpCyDgmWqd12vlIODhFqe00it5tPWy8O8Yq_gCo1EndEsHFI2FLodkYkGdESE5J3sS-sZ5hZPx4Lsu791zT4Y1ToEn8dUPvWruG46J4-Zcm6iZ-FL-DweeocvFAB0p1f01jCRpw6Jrk-eVZb-0ku0MV90vT86LLNpIx8H-vTI4xE--QfxYKld5-0D6SedC5q03_PSAhLSDLnn-cuPkS7GHImvpVOFc-Zof6EUG5Sknm1afKRWKA_BqZqrok22GrIATWLUP_iyBiP0KaYXlPW_qzh0KZpBivdCQUmfMP2BV9x6_-IvjlKjbOwFuHSfW7i7tCO0ae0LvWqC1ySumKsJDHa-U4sZlbEDdD2x4Kh4qTcAwLfuwON2cEQAMttBHZDh11KWIXhec2PBaFInYiDbWlJGML2aefcFyJllZsNlwaFaKw4yQRgV2jMatlA_g013PGwp8bhQfxyl-P7Q5JIrHgh-iKYcBEHCRYDpmqb2MA_z5BhBD_Rgdxs0K0aLCowHXBPHmwbAQu2dLioB5X1oDRdQ9bIC9bQwyQs0m6XDGzYG-WZk8kyVGM7MxFpMTPM4lkM5U6Ogq9j0SRjC7k5DOASH7kmBHMP9NLtrNpRl8rmLfHHjZDtPABa4L79X-xYswjcreglHJrE8n2CoxJu_P1uC8PKGRUiU5bRHe_KVSA1VSW1chz4G4Eak-ouoZcE5nmSkMl0jgB89fih5kZCMrvxnuqs5ECNGb0FW-JOOOt-qboZn5My-mGx-cXOE_yFwQjPmN_nf36yE7YnJj6M6KBI6p3nWP5W0TmulHPKPXl9wV3qiuIcLSX_Rdzl16_uZ_43b7a-a1gyjbL4uk5-cl1KZdwkak3HQeDuyOO9mpTrkDPljQLdCb6t6f5ZtJx6-wEfd0bh5YAsK7h4o8aJa32OwkRy6uDg4p6PDai61QzNuoCtLrRq5MqPW210S6CBumOEJqgum1GUjbECHY_VYt08q9_nlbuKQl65wbE3k1NzUQxdDKFwVNzI9uypY9TlIGmuIjCg45GVu2cI6cC5lCm9B0pSe8S8-wXJ4Ca3nNehOmUmK9qUs-jXlkZgJdXHWAAY_ZuJ-IofFM46YC2DJU26jPLmRASXJ-wJfBC-7-TSJnqbIWSvvfCik7MekTOMa8ALQKv_VwA_PcfUhvtSjFUX4_XsZROina9uEYGvl5FASzKqRb1VK3gcqLLP5HBEBOZEWpjmxzKoa-Xl5Jyyb7pvj66-LC2XRmS3DR6s_g51KtXLum2mm64o6otLpZAUoCOQiLoY480IvHjpAt8VvDOysCdEVcJK3h3wS3WCg_xvFfL2omDsEDABPkpLpEJ4SosNX5_KEQjRdU7w_gqodxxRhSFELyGRpnwpT4EEB5mx-eOEP7-Gqx17c-WAffV8cER1-Ao9z1kaHcOH3R9-XzM8U1jx5fC-pJsH8RbYxAau78SK5LosNvYknmAs_h8XW2U_Oskiaev2WbEg07P-m63IawRxdTQCMottOLSqbuLBZ5w3IhyYxurvudFYu-fr7BoLG4-54FBo7S70tdh7yQXETpdPc3uMnrW2G2K7jZ4K6p50H1pJQgJPEaDwep2yVuVEQ0Iqp9N3aH_-Sr4WG_vuBm3dfVgDsYHmCqnNoypYLTDRlhgN1P7uBKjvWvfGYbG3bLMlDpG8FlgmFJV0hnbEqFm3erbDe2TcHaPtC_KinKTtJdLYZaw00a4WowOA-P-dDL-ybhStlxpDQGvhKfFQsnlGvHIO5QpXlWG6tLs0Ia8-7P9Wochj8KF25Y6otF0asFBQGkEgTDEQ4w0CXMPPDK-ReW_FIfNm5ilfubh5sHbf6Pr2DEDN5lrodOZF7jA4wTiG6lVqHnMK3MIgxCZUGltocFRdXP4jMTDVOSTKcBH1ZjRwta9xv-iSHC5BDaITfiG1I60cY_8kA38iTft_H5S5cYjMrqaXC8CF8KBEhjFeIW-h77qUU6X-SYK-VjlLEx3v276kWK8rDjxKqk6H86LmaYPkxwRS1OfSn1UG66vPv5ZeozJZ13r0u5SKag1133uvUlwyqvhUZ7FYHhUbd_d6_f9jitnWlGZyKj3cKWEtc7a1B6e4J3oA22bqSp36n55VLSXUBZtk8k36pW7z7eBOz6giQJHicAlHGSMDanrHXU5KXoLsbzrgJ7R_TeiXfkj_jt6Pwl_IrLaGhJpkvYOUCfoIzD83LdZNsZIy-neRE-0wRSpKHoIctqgKcAw7tXYiTxXfGf6rgG7p4293ULgRICjH_i2Gq6q2vlRf2xBnX2AlugdsJvp1DR5Bq7SW_GDvpPaMLCiv2_0lJs2CfThb_Z1fzjcsKzSnIw4NbSMIKsj7sM0BxxrI--1Jl1nt3X7Zb0Bbsj--vOmc5ejRhUp2geQFI8Gh3huenLgQlryf5tAnO9HMZmqVH9IdvBKu-SrxxKyCXqhMAqQteIdPSKUdzYMFtJAQI7vyVk3NfxqC8sD4mIfnxYAFoZ0izrWax0uTMyObL62Lzco_JkW19RN98e-lQU1fbNqleNh2G5VWDJ77p8lWaC-3tR81n5V7myFCemXWd558OWDwN8ju5gBxpl0qU-hQBwqJM0oFgTQoRqZci9qBYqvmCq2lE_tZWo4shDQdjdrpNH9dSGW5Zutk0lPmFC7Z-wX46UBCUF1Vsukl9WbhSMeQiJ6wO7fNUoWbzazw2-2ADLtnpYB_23xnoDgKVphNzo6PzMbInfwTM9trvQmHKkFNNPweXomm5y7BRrc32HvIGQkZjgUuF86b5SUbTchxh0DvVm5Uid1m6gupeKe4XtcF4FMZEGu3aEKCwSwBd6BL3p24Uwm7nNTCNfKzCoQxuwCrmjcBVLSRXrS1pHZRJvqtpoXO4eeR1zKwrqcbT1I589dsAhZB7pjy1FSqpaR4GttLI7D5elENaMGqTyWq1-K1kWgDZGkKACv4Jjbl6eAIsB7LQisPMRRZ3nz2Isug4JqpGgtm0lbWHUxqormP3YFzPYLf3N6HXGwNReyjduzZ4wr3EyH_6ZPYmzSpe1PQz9RqEUtZX1RHfAs7Pi75aY8Ccnm_kvIgSI1eiUb0UGwEbOyDZDoFahIyJiD3At-WceSO3kXAqAxjJPHPW1TZEifCFOgOddUyyBEX5qloKpnWAleIVd_LIEHw38jJ7-ZUyTBBMo-A&cid=CAASKORoYZd0cg9s1SvXDVTo5R69AS8dWmkZvpJUV8XXLWRS0CFgstVufrQ&rfl=1%2Chttps%253A%252F%252Fntt.inews.id%242%2Chttps%253A%252F%252F948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6249673e2c78e2f79a748fd186ac1fa14b4fd389996d108f808509ade07608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E82 42 B
107 B 218ms
93ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFp19GNNMVjIdYrsNloLxfl2J84wZlz5r_GZ1_LCg4W8m3wQTuBMDwixLD__1yL6NzoegRTYffojBlr1BE-IOCZgcfnreSxr4E18EQ7dqNq6YtuZI

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2E82 3 KB
1 KB 201ms
130ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2E82 17 KB
8 KB 129ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E82 0
0 133ms
65ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbbYcMlqBAUni30N5cYxhNI8rVaI401Lb9qvywPaAeNjJN6kkyXNCMzasKdFQICrbaJYHptW4I6L1KP7qMeD0_yEE3_Q
Requested by: Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E82 153 KB
47 KB 203ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F988 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMc9GbzBcY4a_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgTeAU_QyQjFeUeskVxDuvzJKhAAtmLGbnwk1aqa1ZouG1bFdX09nIqXr-x_vCO5XUxY-aYKWlX1zra4qiBt_bC1wEk5EHp8VcNr08HC5iMIyO37USpLylasVMK_dxQkpR4a1-rKs1vXcmYhb_0dZkh1pKuANMagIzUc0jHbGv4bUbz93uqCJTYxkG4_7yHBtwP6M0p8BTw_iSWLsx1kjG0V85Jac__PH-PMKemszeYydQ_PBb_Fn4e0KlIPurtiztHtdEoOi0FcPTzaTu-8KvUDbfwguwlP6L7QwCoxiGorr-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgzMDc1OTgyMDgwMTY2MTkYvZwU&sigh=BAym3qU9wro&uach_m=[UACH]&cid=CAQSPwDq26N9jmqo9Xk6vPA53JQF5Tct9mnbluj-PHYpAndPQzJfcWme__zHcN0LrnzgOt24vHgvliFWjFDpIuTouxgBIBM
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F988 0
0 114ms
29ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ksr2DvrMCcoHWp2DYgICAAAArGhSEVknHWOG71MNEG4wXGOKqCT_axYBITbr7gASAAA&wp=Y1wwbwAIX4YEpGocAAibb6kJjXd8tVEwHPWpIQ

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 215863
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CECF 168 KB
52 KB 182ms
120ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4YEpGocAAibb6kJjXd8tVEwHPWpIQ&u=%7CKtJnaTr726srVDjJCnRxLuqnLoky%2FIPE5gDEtO8hVkk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2SzSLlBB7lsytc1YurNbrpdJp3ws0ThrWozfRpw92iCj4Yd9XKPyQeMjtoUArMiBW2Z8lwEqI8CplMXlKtBK09669YbR6wBFD0KQhsuOXFz2NwBYFyECB9SilVXHfygETUVLbiEb_LmPbScpk7gEYid3fL82DjvRdiVb-ETZvMKLQlj4LfZavLVFV5KL5liNuYBnH-PZJTi3tQ8R-j5oqzN4eu4_VJr-nTyPG2z7KdL-55F_eAQKmc5YAoH_nUEVV4olJqbHcCoo8fPrUKCc-7Nv4EgGl8_t3oU_-M71Ay-UFNP6BF-uluCrralsHWy7yLDvmJLTPioZ3TytzIozZC0dwMNqrZ0dpvdPWQqtaCj1mjQr3SmQ8ib4n_mRvhz1uGMYiEf5QrUqC3JfpPgcYBn4x_hG03o15atdRPcdO6-9OS8w3e1ku9O9Tl_BvfeX_IATbhPOVZRLUstw6Ch95TwSxb2_fSAV9uJY-saB09W8FQjBdL6INSXU4g7Hlpxxy66TUNPl7AJ7FrCp5ln5mK0jt124PG40_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM4owbzBcY4a_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgThAU_QyQjFeUeskVxDuvzJKhAAtmLGbnwk1aqa1ZouG1bFdX09nIqXr-x_vCO5XUxY-aYKWlX1zra4qiBt_bC1wEk5EHp8VcNr08HC5iMIyO37USpLylasVMK_dxQkpR4a1-rKs1vXcmYhb_0dZkh1pKuANMagIzUc0jHbGv4bUbz93uqCJTYxkG4_7yHBtwP6M0p8BTw_iSWLsx1kjG0V85Jac__PH-PMKemszeYydQ_PBb_Fn4e0KlJNuJrwSV5xZ_WSn-KMAJoiR_u2nP8tdX6UczTpGgHO7DK0Iu44EI0SUeAEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sZF8U3lNqYFc1Bkmu3oik8Pxc2A%26client%3Dca-pub-8307598208016619%26adurl%3D

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

004df7a63391acd684396fdba7c360490ec8e119bab45eb2b8b9f2b27a4f9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TUhQCobv7-4v4DY9O9yVCCPWJYMDR8RxlwivfIjINGYUbIv8YxSNTyUGZKmnQWhtGxVSzVbGreY8ycGV9bB6A0jhj1BDmmjhSF5IFnUnkm96EsZszWPQ_7iqCEBSF71IMu30qBQIWQ9TDobavZzcLMC9jc1k0qJCkNETTcn9K3ObAwIMe0ZDvFCYx59ai9FD4ji8sYjtaffuMTu25UQ6zdRwSghcjDrcCf1vK7xv8yIxTJiiDLCJUIYPg40aM1nc8_ttxQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 93812553
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame F988 3 KB
1 KB 195ms
131ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame F988 17 KB
7 KB 125ms
61ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F988 0
0 127ms
67ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0JlybnO5hdzuow6XDEIlnLfcpx1mLqcCAPVGRObb2D9LQ2VW-OaZtKQ737vFI2mEkydf4TRImQIryEXt1O65WCDoj6g
Requested by: Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F988 22 KB
7 KB 129ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F988 153 KB
47 KB 218ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0017 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIoDabzBcY4W_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgTbAU_QalW4IGb5R7R1rL6C1d_fAbeq6PM948hreiV1GqwS04-FSUGazRNd-aT1mLFQqpEygjCMinmOgRvBjsw2UprD4f1lwkTibWueXk8G_uahbBs17XqGw8-hQ5cuFYw7h3u-bbcbQWU9ByG-qKI16cTtg5jgsTUCXM69rj-nbxci72tnihO2KzKqRCNqTWHgUUJqQJ1stQY-vhZhFW9KF8RAMKqKMmpr6cxQaexd6T-pbMhB76fyeXpet1Pc2h7FGuplDzIAG7zBFPZcDFyfF_xleaZ5ESGFaofhzeAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=kQfch-CMaJE&uach_m=[UACH]&cid=CAQSPwDq26N9jmqo9Xk6vPA53JQF5Tct9mnbluj-PHYpAndPQzJfcWme__zHcN0LrnzgOt24vHgvliFWjFDpIuTouxgBIBM
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0017 0
0 111ms
29ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kuOtFPBB2AVanYNiAgIAAACsaFIRWScdY4bvUw0QbjBcYzGIFvWDNAvPG0JAABIAAA&wp=Y1wwbwAIX4UEpGocAAibb3t1Rd7667nrC4YmHw

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 301663
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FEDC 46 KB
18 KB 90ms
32ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4UEpGocAAibb3t1Rd7667nrC4YmHw&u=%7CKtJnaTr726vgWOKjIMcHQH4F%2Bhxx2aszIjDOP85D%2Fkg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmcCv0AOFezvAr6tW1v5O9KJ8Az8v0Mw07aR9f3-gqfU-mO6Kn09kHndez44dea1wqf0GLQsNfOv1U0f52Mkl-qKsfFTc5Yomn-mzwJMXRrMutluuqUcGsn__2WE74h1Ye6Gg2w0xbqYSN4fIFjb97LBMPEiXJxZzQeZuRFgABH6jfqJkEfZcJ7KwMvIzy5VoHnAUQa62HMSeesbwc2PfzL7OO6-nEu2Qc91VMm1b8Hb0ItCsXs7_F-g9DCY_Eawc0ZG_Fz1IT0TSg9YeFP0u7yHsAuV8Eg4b_QwDVbLMH2hJsAm2--7T90Z4zwexr31t_7Lt3_0Z0Plx2hEacz1yE_wpe-JUWWm2NtPBgRA-s64X2oRm_aCzNl-8BD3TrmzbUONAOjfYRBfKrg8h5JQ4wvo48W_PexBgf8ywlI5wdjoHNbAqpv-huLj3ukL-tURcICSP4fYvaiqxfWIg7jN1lZUrBgSLYW62G8JNnmwB6q1DornhtcVUVgddYzSCxDmuggdMVLZaTwGGppTk8Mgl7PbWvbtACL714M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV6kPbzBcY4W_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgTeAU_QalW4IGb5R7R1rL6C1d_fAbeq6PM948hreiV1GqwS04-FSUGazRNd-aT1mLFQqpEygjCMinmOgRvBjsw2UprD4f1lwkTibWueXk8G_uahbBs17XqGw8-hQ5cuFYw7h3u-bbcbQWU9ByG-qKI16cTtg5jgsTUCXM69rj-nbxci72tnihO2KzKqRCNqTWHgUUJqQJ1stQY-vhZhFW9KF8RAMKqKMmpr6cxQaexd6T-pbMhB76ewe1vMMNxAyaFZDkm1MpT4EqjLovxyFN4r38HDixlnPTkAwAPyckdjYeAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TLS46dJYRG2ebQH7YLXPtFCWDSQ%26client%3Dca-pub-8307598208016619%26adurl%3D

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3886d733935925b50dc10065ab88c7addeeaa6d04368cb0b3141163c23cd9f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XzIfIobv7-4v4DY9BHsis4stb8Fn-j_AeT5Yfhg_bPRn5yIRowGPY6m9DxNOArHRGN2oq4m1j3dbAHtBj2mFjPwJrRJgy2bP81OQX_uLm7Rs-n86ej43MuvP-Auu7tbLFnFcjbwTCkjVsPEgu9c7ezgC9pk2fjPvwVy9ctjXNBh95jtoSsYhMnXqLwTnzV_vjTR7r9J3UIAMeD4d8YikDMfClrRoLZtyWLRJ5OKRulGxW5ukHQyvr44GJ0nZz9nyggBJjg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4073127
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0017 3 KB
1 KB 199ms
139ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0017 17 KB
7 KB 149ms
89ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0017 0
0 123ms
66ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWIU2DKZ6h6wNsagQslJWq9kU1LC_5GMms5onuWgK9Wa-Q44Ujb_XRLVxy605mgh2QSNZ1_qQL2PknVhZeIcTTElLZPw
Requested by: Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0017 22 KB
7 KB 178ms
118ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0017 153 KB
47 KB 267ms
159ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4814 624 B
975 B 125ms
69ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWRsreNSVyx94lboTpKiwPjPyGkWA9XmNVD3-SHczw6R0DEwC4tksohkUJiF8-KxQJyOJn-WA_JTQc5s47NS5wt4BNk3_k_byLSXce3b7oXQ4GEx_QOM-qpzHs92ZFju7KS02kE6MI371tbF5NlXWIzI59Vpg2jEdX_bufFJXJ_yCVElcM

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:36 GMT
expires: Fri, 28 Oct 2022 19:41:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EB63 80 KB
34 KB 151ms
95ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgOlgm-lgyepqrvzZKiBEMR7jBTfi3sz4OTL2AWaVA_AA243RZi0eH1oQSrtTFmSK5EbIKxiY1n58ki2NwDiBE7UZNWA&cry=1&dbm_d=AKAmf-BRiIJVyKdFc49m5zApruxtNvPWuX_Dt-xvxXZixxbtWR_6boEyD-IlU-5-KIe3aCdQ98gvt3_zF86hGKLR7Z_mUulThGdB88C_yogNfXyLTGzcdCs8oaqtvcnksU9X4SQlb8t3bZJrY3nGAim-Vln_tNlPT239m4c3dqIa6xY-ZGYb5oTqve4Js6E59O41g8hgyrEccHg5xLGubfWiOteLEg72a7axzme5zR8kx6yvEUNa_zKTpsMe1g9wjjxsetwMbSq8he0Dfpf5oO7X1HWDK2f88UEezHxTR3G5WgdUOl6UHIaQnJW_ZL2rCazd4CRkgPYS0aP_H29tF7yI_ojhw9DP5jHqwa4BhrVv5iY3I9M7Zex7tojD2tJMxmwbGC9Qc-kR34CTcbre1vgAN-d6layJw67BFn5RYXofyYwgIzctHHJPMC4NcCS6oo3HkmLiWN9twz1Sdb9eUmrIruGsE0j1c2yx_Ehv-qDZ1vbl4da1Z8VFwnJk5ZEDNb_74pBxpUgAfeI341FTrYi8Yk4X7CqTJuo_NUv-1QcTaj6EuPS2gQSNi4SXJaDA-LCozz30mJIYFHn3jjxTEOXy5-qMHJJYtFMYgFxGYuwgtPJy7DaRwvHJ9HTFlD9xloQfzUXnyAe9mxgYYi2e4EPUzuZZKHhThF8yD1v6yA0nwUH5cjK8hJKTivZ-0vJdGc_cZyfVDGcb0pxTgu_gE8gjfKl6hZGh2slRqrJkoaIKtaRqwKnL0i_bJLeKj_dmJFKO9ACMpQKP5ZZq5dvfocOFUPksJz9aneOGfUAAbTt4iIGuA_iHyAtMj0N0LmH7X8VARMxejBKpLNUTRhhbDkB3uJOuRiFbf3ESYaIxCqIwyrFUygjMNcBwpmGiV1_pDhE01DqPgy1a3AoDbJm4ufpiFmv-XD_HXJnoHZMbyDdp9922DRgiRy4c41qOYL7RW0G8cjm3V_hG4po8nFZXSv_Y-d5NBLyn9JkRB9pCv6CvQvWLMYkbvGxFsH9gs8bdpJg2ArYi0JatItDiDTmQj03XdcVkGf4Ff_cBdsoay2Jgo14H6CbAuwqlb2KO_RNu8uP52x-eEV3-hrngr485ZHb9zs14c0PyKH1R5Pv-gIgW2aG9vj8SjnjBu0SaHmyAaVpnN0skIdPBScqjCvTM-YK-65kbW_UQZCzHOrNbrhFzADAzEzTt2BXIqAsdOyzTDGL90jb4reIXsC8hYp85eeOjcvfctyvmh5imVK7IzCZaZbMvRWpcZpm3ELluBZWvZq1ykiPU00J4cJiBXhx_3Q-V5WKXE2nBnf-prtIIaE67pqFgqfqNc3NQ0DtWntN3xTF_83W4OnMCSLJF0QECfAnuF3aoqDBbVrpkZ2WvewtaV1cg8hmogu1n_1YQ457jDLpj0hIIsHmSTHu67vJFvAb4vaz-mSUo-FyRmoSgn1sC71Y7ayRH0iuekqfsdEuvPE0D9_0Xwvr1j9TdqqZLxsTozK_B1QNtgMN6vbSGq2R4cxWUJOAToqT2dXQ7TdVKgN9xvUKqRTQOi8kCs1sG26HQ-JiXKuzEruWSmrIxQTtv3fRC8w4z3mJprUvFMnVfSs016rCkZsothioD7l8i2m94yJvavrNjAU0OB5Xx2Onfd1wsmW8rpoWxozmWdhPlkSf-WK9Z0AHvTzQ3iBfQXQkP_kyYwyD0CU_YASPnsMSs2xkNwA9yDKVaSn7Be79qs9-nt9PQGX5eTJzTR2ow5OHzpxkowPHoBdcitdlwGh-IiqZiXO_RLjIo7B8bOVPOTzDcrbhqL96iXkiRnOAyDkBUZyxaMsFb8u0yKewQwWA00tosU7emgJ5fmCHzPPOROpAs1UrJtBlwTn79-G2cC6jcJMnY73JOOlmEsZ-h5KVUVlfbsoQCuXraYzZAcd0s7fhF6-wVc1Ek1aXYcZuZtf1ueDtHXG7MyHeSbkfOfjZkYtF2-IGeQmwT5IyyG7e2k2RwaYi22R5kH_VSo5zzR8MORM_QxBIJNitPrHp1GXPLe0QLT2bVV0RF3UedzpzgXhEyohynsGzEyY7I7GK9WQQ8G-sjDdS2B77PsCnDPv6VflegY68C2l3twLGxBPO88g8rzxapzthJvRrTt_nwOy8hSB957xpQiauuZBgObdwMbrdqWwFPM0Ab9v0_uDrJHiUlCsIfWonYA6u8PWtOBthmZUclKm5Ukz4veO5aUEcYkOLdac4sDygX9iHWMjkIxKc1rcEUh63w6VMhR6BL-hscUeicfCPukUGCUDIevcUXOco8lUW9c0DbmrvS8ip9rmSpz3adSlxJ7CcVoJ10qHNMVj-06XJifEiqCyjZ6qGmVuUh5i1xJuIllqhQLJqTkgSBJrif2GCSrALKB_8-nE_zfaNWuZd2zvQNG_Ggwq0PAFF0v6Mw4tDPMMd3MGYTVbFbgqNsiXEWiS5VHf-USZIuRi3FerdrXS8b0pS_71Te6IWr6nXE9vL-N_yhSvOa-4MatRI6qsq7lJJ7lMt5QCkgFIFcWakBXwW3DxBNuCsw_73PkbsX09mkEAOAFDE4Pori9QhGoau_S8pL4kLc5uVC_9U6kWVp-bqiBQmw_6nZIy8WUzs9Uc8hMdLqwjVxkm5q0P3sagXldGVFsYvq6Sc0aw4i6Agswiy-B9bhYxrnSfVWPzl2nXeiDdfYKDaarVAjNE4phKIcbwxlDNqXafZmx4jGXJ0HYKRI0HqJycwaRWtxo62_VfWUwnhIKtKgA_kTXP-lpzTSBJwGYKTnBOY3syqlPWqDWkV3icyn8UOwii6_7eZkyEqi5ELH2VStXMSPVuoQ9KVjPsHne_Dmqa_uRL2PSmgvWQwayYtMG8AkHyVLUf6PRubMAoWkS_vt1gxf8N9G2nRcYp5RbDYmzD7nqKLdTE1pLsknnKGvFlscm9O4tMZmDBHbRpek3LVGpPCbXxeyreAvfm-R17rqV7Hy0GSlzjViOmbeHwQBF1H5FzPJ3R0vg1jvel1KqmSvT4n6YxsG133eKZUTZMsKczIZ_S40YIvbEmSj-wFsP7DPJhHgd6PZqvVxRtYImhDIWZHp2YwAiwUEnYZlxbEKCdbutHPlfRdILxKVwPV6dl_K9qsadkUI3drd7rAFBhzTVh61o1OZpwdxxsKCLHSVIShCu5nFh23KO-eHCA1f1dYGtLTszrg9QCXHQ4RVF3V9jfgspgAjFjqecUG9orH4rRWrYJfmx-_t-A&cid=CAASKORo7MUIoh_s3xf3r_Ri_rePf0MbgUFWhqSWpnM_AUcnLmDqhu8LOVk&rfl=1%2Chttps%253A%252F%252Fntt.inews.id%242%2Chttps%253A%252F%252F948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fecd547b9fe117a46b02f53ee26b3bd82817b2a6170f5c0d454bb9c5fa3fd425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB63 42 B
494 B 203ms
92ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwWcqGI9X1ztypKGYWn2Zrj0mWc8rNTxlGu35AXFuhEu0-6HO0wejdfwzz6kKWNt-kdQMP1TOP08L0sUMaBvj8e8KwMy_I5o2xjZj4XbvnlLWaMIo

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame EB63 3 KB
1 KB 197ms
140ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame EB63 17 KB
7 KB 186ms
129ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB63 0
0 120ms
66ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs84KjOOr5Pz_cB4sY368qAE3CYWd6dC_q3GGGleW7UIaa1pNlb8_gn3rqWxs-b-u8KwBLdUnaZNKhBvNDsFyOaDiDgQ
Requested by: Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB63 153 KB
47 KB 284ms
179ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FEDC 2 KB
1 KB 134ms
73ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4UEpGocAAibb3t1Rd7667nrC4YmHw&u=%7CKtJnaTr726vgWOKjIMcHQH4F%2Bhxx2aszIjDOP85D%2Fkg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmcCv0AOFezvAr6tW1v5O9KJ8Az8v0Mw07aR9f3-gqfU-mO6Kn09kHndez44dea1wqf0GLQsNfOv1U0f52Mkl-qKsfFTc5Yomn-mzwJMXRrMutluuqUcGsn__2WE74h1Ye6Gg2w0xbqYSN4fIFjb97LBMPEiXJxZzQeZuRFgABH6jfqJkEfZcJ7KwMvIzy5VoHnAUQa62HMSeesbwc2PfzL7OO6-nEu2Qc91VMm1b8Hb0ItCsXs7_F-g9DCY_Eawc0ZG_Fz1IT0TSg9YeFP0u7yHsAuV8Eg4b_QwDVbLMH2hJsAm2--7T90Z4zwexr31t_7Lt3_0Z0Plx2hEacz1yE_wpe-JUWWm2NtPBgRA-s64X2oRm_aCzNl-8BD3TrmzbUONAOjfYRBfKrg8h5JQ4wvo48W_PexBgf8ywlI5wdjoHNbAqpv-huLj3ukL-tURcICSP4fYvaiqxfWIg7jN1lZUrBgSLYW62G8JNnmwB6q1DornhtcVUVgddYzSCxDmuggdMVLZaTwGGppTk8Mgl7PbWvbtACL714M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV6kPbzBcY4W_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgTeAU_QalW4IGb5R7R1rL6C1d_fAbeq6PM948hreiV1GqwS04-FSUGazRNd-aT1mLFQqpEygjCMinmOgRvBjsw2UprD4f1lwkTibWueXk8G_uahbBs17XqGw8-hQ5cuFYw7h3u-bbcbQWU9ByG-qKI16cTtg5jgsTUCXM69rj-nbxci72tnihO2KzKqRCNqTWHgUUJqQJ1stQY-vhZhFW9KF8RAMKqKMmpr6cxQaexd6T-pbMhB76ewe1vMMNxAyaFZDkm1MpT4EqjLovxyFN4r38HDixlnPTkAwAPyckdjYeAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TLS46dJYRG2ebQH7YLXPtFCWDSQ%26client%3Dca-pub-8307598208016619%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame FEDC 2 KB
1 KB 129ms
69ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FEDC 308 B
637 B 95ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FEDC 293 B
621 B 95ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FEDC 43 B
348 B 119ms
33ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=F9PM0GH6WEaEzlApExi3_Ms0q0sAAqirPS5Y_pY5bewEYo18u2MxubkKem9Nq5PpT9Qr2Sf3Dzi-pbaScDXNhCg3YCohGwaDJAPEkm5lI1ErRoWtys9CpSIbegA8dZdAbpRH7ew5zjgKBiu8mV8OoO04uYAis8BtQgYzqP73MxI7A-XX94A3LkUfHzFAGPge3VhRLy7eiBwFeIjhAaWsY0zJf_NNMwv2fSi4NXiwVV7Al3YIXnbjxOpfxPcqsmU8tRtJ93BDPoawWitYkan0Y_dbQni6yf9tsqvhcnGlWuNdBUQAPhME77CGY47lPNEbrjtFHDpGuu-_T_epJhvVfQHsifr9Tfb7O19oX4Br-q2_wLKxOzqCkOUCJIFnOf_BDd_u-NIztWv9o4VZK71gGKtFMzX7JzARVI-R_u9RoAMoXrRl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3370636
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3c07574507864dd782e2a3ad4f256eee_image_ad_728x90.png
static.criteo.net/design/dt/2413/221021/ Frame FEDC 37 KB
38 KB 94ms
36ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/2413/221021/3c07574507864dd782e2a3ad4f256eee_image_ad_728x90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

83694e7247249842602652bc461d57231a0f105d6d43b922649f8e476b2988b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 21 Oct 2022 09:34:10 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63526792-9509"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 38153
expires: Mon, 23 Oct 2023 19:41:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FEDC 0
128 B 127ms
34ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=XzIfIobv7-4v4DY9BHsis4stb8Fn-j_AeT5Yfhg_bPRn5yIRowGPY6m9DxNOArHRGN2oq4m1j3dbAHtBj2mFjPwJrRJgy2bP81OQX_uLm7Rs-n86ej43MuvP-Auu7tbLFnFcjbwTCkjVsPEgu9c7ezgC9pk2fjPvwVy9ctjXNBh95jtoSsYhMnXqLwTnzV_vjTR7r9J3UIAMeD4d8YikDMfClrRoLZtyWLRJ5OKRulGxW5ukHQyvr44GJ0nZz9nyggBJjg&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FEDC 2 KB
1 KB 128ms
74ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4814
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1

43 B
766 B

31ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWRsreNSVyx94lboTpKiwPjPyGkWA9XmNVD3-SHczw6R0DEwC4tksohkUJiF8-KxQJyOJn-WA_JTQc5s47NS5wt4BNk3_k_byLSXce3b7oXQ4GEx_QOM-qpzHs92ZFju7KS02kE6MI371tbF5NlXWIzI59Vpg2jEdX_bufFJXJ_yCVElcM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4814
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wwcPUh2wULPKxA5PGZtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1

43 B
766 B

31ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWRsreNSVyx94lboTpKiwPjPyGkWA9XmNVD3-SHczw6R0DEwC4tksohkUJiF8-KxQJyOJn-WA_JTQc5s47NS5wt4BNk3_k_byLSXce3b7oXQ4GEx_QOM-qpzHs92ZFju7KS02kE6MI371tbF5NlXWIzI59Vpg2jEdX_bufFJXJ_yCVElcM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4814
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

43 B
1018 B

48ms
37ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWRsreNSVyx94lboTpKiwPjPyGkWA9XmNVD3-SHczw6R0DEwC4tksohkUJiF8-KxQJyOJn-WA_JTQc5s47NS5wt4BNk3_k_byLSXce3b7oXQ4GEx_QOM-qpzHs92ZFju7KS02kE6MI371tbF5NlXWIzI59Vpg2jEdX_bufFJXJ_yCVElcM

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
AN-X-Request-Uuid: 3d7cf14e-396a-43c9-828c-da8f6e2e9dc7
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4814
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

170 B
188 B

96ms
41ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
AN-X-Request-Uuid: d94487d7-5a62-4a4c-94a5-00119a6f9be2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 84AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1

43 B
766 B

64ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNUS95kojb41EbV7HVWm2qDDUZPVppb4m57etSJRwRYwhJ9NHtHfvRrqFDzUEQFzN87irYkRvTi9IJUkGGGblhM6jLdUzm_1L_MqEgJVqFRliufkxSLpi-XV4b6l91-RJno82RuPAjv5Fub2c4Lh2KRSuIk0VxmaBg6QZ_Rr0ZsCSeqvWTw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEG4zKTkMJeo9ko9a5vmhSY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 84AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1wwcPUh2wULPKxA5PGZtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1

43 B
894 B

31ms
30ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNUS95kojb41EbV7HVWm2qDDUZPVppb4m57etSJRwRYwhJ9NHtHfvRrqFDzUEQFzN87irYkRvTi9IJUkGGGblhM6jLdUzm_1L_MqEgJVqFRliufkxSLpi-XV4b6l91-RJno82RuPAjv5Fub2c4Lh2KRSuIk0VxmaBg6QZ_Rr0ZsCSeqvWTw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH7A9Roz6nPGIW9wuDGn7E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 84AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

43 B
1018 B

51ms
39ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNUS95kojb41EbV7HVWm2qDDUZPVppb4m57etSJRwRYwhJ9NHtHfvRrqFDzUEQFzN87irYkRvTi9IJUkGGGblhM6jLdUzm_1L_MqEgJVqFRliufkxSLpi-XV4b6l91-RJno82RuPAjv5Fub2c4Lh2KRSuIk0VxmaBg6QZ_Rr0ZsCSeqvWTw

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
AN-X-Request-Uuid: 432bf51e-6a47-40cb-aaa6-871d1eeb6475
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI4Ml67xkwhjHwu-NootfaQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

170 B
188 B

97ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 19:41:36 GMT
AN-X-Request-Uuid: f6692935-d6f2-4abc-b754-70307fcc60df
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTM0NjI2OTIxMDUwNjI1Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F988 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e269fbe64af2bd3bc6e30be1e98b710ada034b343c515c9060873a2325d17ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CECF 2 KB
1 KB 61ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1wwbwAIX4YEpGocAAibb6kJjXd8tVEwHPWpIQ&u=%7CKtJnaTr726srVDjJCnRxLuqnLoky%2FIPE5gDEtO8hVkk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2SzSLlBB7lsytc1YurNbrpdJp3ws0ThrWozfRpw92iCj4Yd9XKPyQeMjtoUArMiBW2Z8lwEqI8CplMXlKtBK09669YbR6wBFD0KQhsuOXFz2NwBYFyECB9SilVXHfygETUVLbiEb_LmPbScpk7gEYid3fL82DjvRdiVb-ETZvMKLQlj4LfZavLVFV5KL5liNuYBnH-PZJTi3tQ8R-j5oqzN4eu4_VJr-nTyPG2z7KdL-55F_eAQKmc5YAoH_nUEVV4olJqbHcCoo8fPrUKCc-7Nv4EgGl8_t3oU_-M71Ay-UFNP6BF-uluCrralsHWy7yLDvmJLTPioZ3TytzIozZC0dwMNqrZ0dpvdPWQqtaCj1mjQr3SmQ8ib4n_mRvhz1uGMYiEf5QrUqC3JfpPgcYBn4x_hG03o15atdRPcdO6-9OS8w3e1ku9O9Tl_BvfeX_IATbhPOVZRLUstw6Ch95TwSxb2_fSAV9uJY-saB09W8FQjBdL6INSXU4g7Hlpxxy66TUNPl7AJ7FrCp5ln5mK0jt124PG40_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM4owbzBcY4a_IZzUkdUP77ai6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAiuOaIKDs7A-4AIAqAMBqgThAU_QyQjFeUeskVxDuvzJKhAAtmLGbnwk1aqa1ZouG1bFdX09nIqXr-x_vCO5XUxY-aYKWlX1zra4qiBt_bC1wEk5EHp8VcNr08HC5iMIyO37USpLylasVMK_dxQkpR4a1-rKs1vXcmYhb_0dZkh1pKuANMagIzUc0jHbGv4bUbz93uqCJTYxkG4_7yHBtwP6M0p8BTw_iSWLsx1kjG0V85Jac__PH-PMKemszeYydQ_PBb_Fn4e0KlJNuJrwSV5xZ_WSn-KMAJoiR_u2nP8tdX6UczTpGgHO7DK0Iu44EI0SUeAEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sZF8U3lNqYFc1Bkmu3oik8Pxc2A%26client%3Dca-pub-8307598208016619%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame CECF 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CECF 308 B
636 B 48ms
48ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CECF 293 B
621 B 60ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame CECF 43 B
347 B 33ms
26ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0NL0_1rCfbje8BygJf0suVSkT4H17nd4DNlJYDnFobwOjzcVRFIbvM_vhFoQfxn8G-Ed5jSXUHkO3Kq82qCw1-SXzJGKCgc5rUnADSuQPfLMktcO1PkqVPL1E9CVR8e68K4ZGr3rgxyIgQXGnAopQAmeoi2z3hIGTmdt8B8VkXW101m7hMv-pa3hmGRP8sdJVpSqnl02yoqTUspRri5LSXK2y5Jwyz3UM9k7QE2z_qJu4k3dP6OfUuvuIzUttxqpg2mpYCLOcGnl34szEeovA-jMV8zccXAEQzOD5_rAdURcOef7pE28_JH5NCPwDQULtbQmR9qcoKihSy7PWWkdsklFKpwNJih0S1PWEbmSnN31Im-0C00MaCQxSKSQyVAn09nhw6JK4kPtwkA6wNklDBw3v8Z9QnCIoIOStumouzSR4gfE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3090187
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0017 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b12d33f398124e56fb7e04ce3aefa2741dbd716abeb8d5033edfc48a0b624ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CECF 12 KB
5 KB 88ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 90200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7616265f2ddab92a-AMS
expires: Wed, 18 Oct 2023 19:41:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CECF 12 KB
6 KB 35ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 8 KB
8 KB 99ms
24ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F210216%2Fdd3a924a66b4466696587ee88716c34b_logo_n_horizontal_2.png&v=3&w=256&s=-ppNIAzVpv3FWTuH4lRbEtDT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e85839289d5f6329c7233cd33a93ee054935bcdff7285e739b49b392decabd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28627669
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8311
expires: Mon, 25 Sep 2023 03:49:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 27 KB
27 KB 122ms
48ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F540USVdwVicKaCqSm82UYG%2F59f3dd388661bf25ff989e796e7d15ae%2FNon_woven_tassen-1.png&v=3&w=400&s=QDddqtUvZfjZIff_uZbkfw2N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f36c040c1a8864016cb97dbb8232971d8edce7d3abc0c1dd1f6f99a660d180e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31216001
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27367
expires: Wed, 25 Oct 2023 02:48:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 39 KB
39 KB 150ms
76ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F1OhtAcYWMcGCCQ2WCquU0o%2Fbf22854d31089e50f323c97ded76ee52%2Fbestekzakjes.png&v=3&w=400&s=RPtz6_We_0jmAWADP48Xiltl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f60cdcea15ced6599782416f2a1674bc6e3ce93b0d8575511a5937d273f91d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29507327
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39597
expires: Thu, 05 Oct 2023 08:10:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 14 KB
14 KB 130ms
55ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F2gndhC2eA88HmjKc7s7bXO%2F1ad3afd45ecc69557734d330242db1dd%2Fbroodplank-feature-WIT.png&v=3&w=400&s=ACuPYFZutGJWIEI0juBoEfHt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c5058692aa5abcc28747afbfa11c85be8622ac493dba233b7c1949f928e4a566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28909825
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14104
expires: Thu, 28 Sep 2023 10:12:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 39 KB
40 KB 130ms
56ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F6ldW4CMBCo42YWC42WeYce%2F518e736c5897a9c1036e4f0edacd6f41%2FBalie-Display-header-1-templ-2000PXbr.png&v=3&w=400&s=4fPIzpJLDcaMW-lfv0zjGhiu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c26fb39aa36fe9d6fe5369323f2decea3cb4c5416c8a6bde4db90853907677c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29328384
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40413
expires: Tue, 03 Oct 2023 06:28:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 10 KB
10 KB 171ms
97ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F4xKULHGDnaGa4C2QoE4IaW%2F5b7ed67228dd570c9c1440d37b30fb69%2FOpvouwbare_tassen8.png&v=3&w=400&s=OALQjK2mbCk4i0RV2XPqQJkH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dc5abcd3a595755edba426670bcdb9f99225ce74436414668f077b89e774f5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30195401
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9766
expires: Fri, 13 Oct 2023 07:18:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 14 KB
14 KB 76ms
76ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2Fzar1ypr5qpcx%2F42fwHCy6GssssAoi8OmuqI%2F74d41c94284bc620acca509aa1868489%2Fetalagemateriaal-puur-natuur.jpg&v=3&w=400&s=5qiHQKuZvGL_dRgmtr0y_HnT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

760d944097b547b23ea5caf5c99c5f323add9100708fb2e954704b2244668a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30977771
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14314
expires: Sun, 22 Oct 2023 08:37:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 13 KB
14 KB 79ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F7DqrRrqM8wsKgqS0QK60og%2F2a4b591128ea8fbe841da88a515b8653%2FLichtbak-Poster.jpg&v=3&w=400&s=nu4BXzgITWYaNy81DBr_lRM8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fbef566005d2a663a0647ee5ce51bb23ea847ead1ce42095ff1ada5639a9eebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29166984
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13632
expires: Sun, 01 Oct 2023 09:38:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 6 KB
6 KB 78ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F64wzaAzYUXdCLIy2GxTuuy%2F7cc92ce06c7fd3f86d63f35b61b7e8b7%2FEnvelop-Onbedrukt-gekleurd_Featured.jpg&v=3&w=400&s=0mll1B2qWrp9tKlmhVjCAGGQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6fff88ab2b02bc97d02cf3ebd655fb254a9a5f1b3e0ca2f884b038d1f0795501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29668018
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5784
expires: Sat, 07 Oct 2023 04:48:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 28 KB
28 KB 87ms
87ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F7gx1ZtDJPbMJoQpCGuNOYH%2F316bb4541019ac3cce6575a352e2501c%2FProductbeeld-plexiglas.jpg&v=3&w=400&s=GX48N19uc9njcJxY0aXq9-Y0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

295e13ded0b540f6d53e20121b7271530425dd73c5ca9cc9f52045c7e60591dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30537912
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28614
expires: Tue, 17 Oct 2023 06:26:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CECF 105 KB
105 KB 84ms
84ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F220330%2Ff8504c0ad5184ec88301d97172527f70_img_horizontal_1.png&v=3&w=1200&s=afLiMGxbqDaxPiFtweray_T5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28810219
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 107222
expires: Wed, 27 Sep 2023 06:31:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CECF 0
127 B 49ms
49ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TUhQCobv7-4v4DY9O9yVCCPWJYMDR8RxlwivfIjINGYUbIv8YxSNTyUGZKmnQWhtGxVSzVbGreY8ycGV9bB6A0jhj1BDmmjhSF5IFnUnkm96EsZszWPQ_7iqCEBSF71IMu30qBQIWQ9TDobavZzcLMC9jc1k0qJCkNETTcn9K3ObAwIMe0ZDvFCYx59ai9FD4ji8sYjtaffuMTu25UQ6zdRwSghcjDrcCf1vK7xv8yIxTJiiDLCJUIYPg40aM1nc8_ttxQ&sds=2&rev=83376&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CECF 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:41:36 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame EB63 106 KB
38 KB 156ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Origin: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 20:08:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame EB63 8 KB
3 KB 209ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgOlgm-lgyepqrvzZKiBEMR7jBTfi3sz4OTL2AWaVA_AA243RZi0eH1oQSrtTFmSK5EbIKxiY1n58ki2NwDiBE7UZNWA&cry=1&dbm_d=AKAmf-BRiIJVyKdFc49m5zApruxtNvPWuX_Dt-xvxXZixxbtWR_6boEyD-IlU-5-KIe3aCdQ98gvt3_zF86hGKLR7Z_mUulThGdB88C_yogNfXyLTGzcdCs8oaqtvcnksU9X4SQlb8t3bZJrY3nGAim-Vln_tNlPT239m4c3dqIa6xY-ZGYb5oTqve4Js6E59O41g8hgyrEccHg5xLGubfWiOteLEg72a7axzme5zR8kx6yvEUNa_zKTpsMe1g9wjjxsetwMbSq8he0Dfpf5oO7X1HWDK2f88UEezHxTR3G5WgdUOl6UHIaQnJW_ZL2rCazd4CRkgPYS0aP_H29tF7yI_ojhw9DP5jHqwa4BhrVv5iY3I9M7Zex7tojD2tJMxmwbGC9Qc-kR34CTcbre1vgAN-d6layJw67BFn5RYXofyYwgIzctHHJPMC4NcCS6oo3HkmLiWN9twz1Sdb9eUmrIruGsE0j1c2yx_Ehv-qDZ1vbl4da1Z8VFwnJk5ZEDNb_74pBxpUgAfeI341FTrYi8Yk4X7CqTJuo_NUv-1QcTaj6EuPS2gQSNi4SXJaDA-LCozz30mJIYFHn3jjxTEOXy5-qMHJJYtFMYgFxGYuwgtPJy7DaRwvHJ9HTFlD9xloQfzUXnyAe9mxgYYi2e4EPUzuZZKHhThF8yD1v6yA0nwUH5cjK8hJKTivZ-0vJdGc_cZyfVDGcb0pxTgu_gE8gjfKl6hZGh2slRqrJkoaIKtaRqwKnL0i_bJLeKj_dmJFKO9ACMpQKP5ZZq5dvfocOFUPksJz9aneOGfUAAbTt4iIGuA_iHyAtMj0N0LmH7X8VARMxejBKpLNUTRhhbDkB3uJOuRiFbf3ESYaIxCqIwyrFUygjMNcBwpmGiV1_pDhE01DqPgy1a3AoDbJm4ufpiFmv-XD_HXJnoHZMbyDdp9922DRgiRy4c41qOYL7RW0G8cjm3V_hG4po8nFZXSv_Y-d5NBLyn9JkRB9pCv6CvQvWLMYkbvGxFsH9gs8bdpJg2ArYi0JatItDiDTmQj03XdcVkGf4Ff_cBdsoay2Jgo14H6CbAuwqlb2KO_RNu8uP52x-eEV3-hrngr485ZHb9zs14c0PyKH1R5Pv-gIgW2aG9vj8SjnjBu0SaHmyAaVpnN0skIdPBScqjCvTM-YK-65kbW_UQZCzHOrNbrhFzADAzEzTt2BXIqAsdOyzTDGL90jb4reIXsC8hYp85eeOjcvfctyvmh5imVK7IzCZaZbMvRWpcZpm3ELluBZWvZq1ykiPU00J4cJiBXhx_3Q-V5WKXE2nBnf-prtIIaE67pqFgqfqNc3NQ0DtWntN3xTF_83W4OnMCSLJF0QECfAnuF3aoqDBbVrpkZ2WvewtaV1cg8hmogu1n_1YQ457jDLpj0hIIsHmSTHu67vJFvAb4vaz-mSUo-FyRmoSgn1sC71Y7ayRH0iuekqfsdEuvPE0D9_0Xwvr1j9TdqqZLxsTozK_B1QNtgMN6vbSGq2R4cxWUJOAToqT2dXQ7TdVKgN9xvUKqRTQOi8kCs1sG26HQ-JiXKuzEruWSmrIxQTtv3fRC8w4z3mJprUvFMnVfSs016rCkZsothioD7l8i2m94yJvavrNjAU0OB5Xx2Onfd1wsmW8rpoWxozmWdhPlkSf-WK9Z0AHvTzQ3iBfQXQkP_kyYwyD0CU_YASPnsMSs2xkNwA9yDKVaSn7Be79qs9-nt9PQGX5eTJzTR2ow5OHzpxkowPHoBdcitdlwGh-IiqZiXO_RLjIo7B8bOVPOTzDcrbhqL96iXkiRnOAyDkBUZyxaMsFb8u0yKewQwWA00tosU7emgJ5fmCHzPPOROpAs1UrJtBlwTn79-G2cC6jcJMnY73JOOlmEsZ-h5KVUVlfbsoQCuXraYzZAcd0s7fhF6-wVc1Ek1aXYcZuZtf1ueDtHXG7MyHeSbkfOfjZkYtF2-IGeQmwT5IyyG7e2k2RwaYi22R5kH_VSo5zzR8MORM_QxBIJNitPrHp1GXPLe0QLT2bVV0RF3UedzpzgXhEyohynsGzEyY7I7GK9WQQ8G-sjDdS2B77PsCnDPv6VflegY68C2l3twLGxBPO88g8rzxapzthJvRrTt_nwOy8hSB957xpQiauuZBgObdwMbrdqWwFPM0Ab9v0_uDrJHiUlCsIfWonYA6u8PWtOBthmZUclKm5Ukz4veO5aUEcYkOLdac4sDygX9iHWMjkIxKc1rcEUh63w6VMhR6BL-hscUeicfCPukUGCUDIevcUXOco8lUW9c0DbmrvS8ip9rmSpz3adSlxJ7CcVoJ10qHNMVj-06XJifEiqCyjZ6qGmVuUh5i1xJuIllqhQLJqTkgSBJrif2GCSrALKB_8-nE_zfaNWuZd2zvQNG_Ggwq0PAFF0v6Mw4tDPMMd3MGYTVbFbgqNsiXEWiS5VHf-USZIuRi3FerdrXS8b0pS_71Te6IWr6nXE9vL-N_yhSvOa-4MatRI6qsq7lJJ7lMt5QCkgFIFcWakBXwW3DxBNuCsw_73PkbsX09mkEAOAFDE4Pori9QhGoau_S8pL4kLc5uVC_9U6kWVp-bqiBQmw_6nZIy8WUzs9Uc8hMdLqwjVxkm5q0P3sagXldGVFsYvq6Sc0aw4i6Agswiy-B9bhYxrnSfVWPzl2nXeiDdfYKDaarVAjNE4phKIcbwxlDNqXafZmx4jGXJ0HYKRI0HqJycwaRWtxo62_VfWUwnhIKtKgA_kTXP-lpzTSBJwGYKTnBOY3syqlPWqDWkV3icyn8UOwii6_7eZkyEqi5ELH2VStXMSPVuoQ9KVjPsHne_Dmqa_uRL2PSmgvWQwayYtMG8AkHyVLUf6PRubMAoWkS_vt1gxf8N9G2nRcYp5RbDYmzD7nqKLdTE1pLsknnKGvFlscm9O4tMZmDBHbRpek3LVGpPCbXxeyreAvfm-R17rqV7Hy0GSlzjViOmbeHwQBF1H5FzPJ3R0vg1jvel1KqmSvT4n6YxsG133eKZUTZMsKczIZ_S40YIvbEmSj-wFsP7DPJhHgd6PZqvVxRtYImhDIWZHp2YwAiwUEnYZlxbEKCdbutHPlfRdILxKVwPV6dl_K9qsadkUI3drd7rAFBhzTVh61o1OZpwdxxsKCLHSVIShCu5nFh23KO-eHCA1f1dYGtLTszrg9QCXHQ4RVF3V9jfgspgAjFjqecUG9orH4rRWrYJfmx-_t-A&cid=CAASKORo7MUIoh_s3xf3r_Ri_rePf0MbgUFWhqSWpnM_AUcnLmDqhu8LOVk&rfl=1%2Chttps%253A%252F%252Fntt.inews.id%242%2Chttps%253A%252F%252F948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame EB63 30 KB
11 KB 176ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:11 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2E82 106 KB
37 KB 190ms
119ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Origin: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 20:08:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame 2E82 8 KB
3 KB 177ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrEE3vDwUhK5RrVzSiHini0FMHBPnhn3ajRgNjLaolfELIcwPVkU4j8oNzIvMtqXEOYFRTKsXM8X1--ttBilslB4fLSw&cry=1&dbm_d=AKAmf-DMf6nD5bgWr_3LN8T73RK2ENIFnr2HoRnkFojufcCwCnchu5tFH1NQ6ivKIMuJtNZ4W5zwpCyDgmWqd12vlIODhFqe00it5tPWy8O8Yq_gCo1EndEsHFI2FLodkYkGdESE5J3sS-sZ5hZPx4Lsu791zT4Y1ToEn8dUPvWruG46J4-Zcm6iZ-FL-DweeocvFAB0p1f01jCRpw6Jrk-eVZb-0ku0MV90vT86LLNpIx8H-vTI4xE--QfxYKld5-0D6SedC5q03_PSAhLSDLnn-cuPkS7GHImvpVOFc-Zof6EUG5Sknm1afKRWKA_BqZqrok22GrIATWLUP_iyBiP0KaYXlPW_qzh0KZpBivdCQUmfMP2BV9x6_-IvjlKjbOwFuHSfW7i7tCO0ae0LvWqC1ySumKsJDHa-U4sZlbEDdD2x4Kh4qTcAwLfuwON2cEQAMttBHZDh11KWIXhec2PBaFInYiDbWlJGML2aefcFyJllZsNlwaFaKw4yQRgV2jMatlA_g013PGwp8bhQfxyl-P7Q5JIrHgh-iKYcBEHCRYDpmqb2MA_z5BhBD_Rgdxs0K0aLCowHXBPHmwbAQu2dLioB5X1oDRdQ9bIC9bQwyQs0m6XDGzYG-WZk8kyVGM7MxFpMTPM4lkM5U6Ogq9j0SRjC7k5DOASH7kmBHMP9NLtrNpRl8rmLfHHjZDtPABa4L79X-xYswjcreglHJrE8n2CoxJu_P1uC8PKGRUiU5bRHe_KVSA1VSW1chz4G4Eak-ouoZcE5nmSkMl0jgB89fih5kZCMrvxnuqs5ECNGb0FW-JOOOt-qboZn5My-mGx-cXOE_yFwQjPmN_nf36yE7YnJj6M6KBI6p3nWP5W0TmulHPKPXl9wV3qiuIcLSX_Rdzl16_uZ_43b7a-a1gyjbL4uk5-cl1KZdwkak3HQeDuyOO9mpTrkDPljQLdCb6t6f5ZtJx6-wEfd0bh5YAsK7h4o8aJa32OwkRy6uDg4p6PDai61QzNuoCtLrRq5MqPW210S6CBumOEJqgum1GUjbECHY_VYt08q9_nlbuKQl65wbE3k1NzUQxdDKFwVNzI9uypY9TlIGmuIjCg45GVu2cI6cC5lCm9B0pSe8S8-wXJ4Ca3nNehOmUmK9qUs-jXlkZgJdXHWAAY_ZuJ-IofFM46YC2DJU26jPLmRASXJ-wJfBC-7-TSJnqbIWSvvfCik7MekTOMa8ALQKv_VwA_PcfUhvtSjFUX4_XsZROina9uEYGvl5FASzKqRb1VK3gcqLLP5HBEBOZEWpjmxzKoa-Xl5Jyyb7pvj66-LC2XRmS3DR6s_g51KtXLum2mm64o6otLpZAUoCOQiLoY480IvHjpAt8VvDOysCdEVcJK3h3wS3WCg_xvFfL2omDsEDABPkpLpEJ4SosNX5_KEQjRdU7w_gqodxxRhSFELyGRpnwpT4EEB5mx-eOEP7-Gqx17c-WAffV8cER1-Ao9z1kaHcOH3R9-XzM8U1jx5fC-pJsH8RbYxAau78SK5LosNvYknmAs_h8XW2U_Oskiaev2WbEg07P-m63IawRxdTQCMottOLSqbuLBZ5w3IhyYxurvudFYu-fr7BoLG4-54FBo7S70tdh7yQXETpdPc3uMnrW2G2K7jZ4K6p50H1pJQgJPEaDwep2yVuVEQ0Iqp9N3aH_-Sr4WG_vuBm3dfVgDsYHmCqnNoypYLTDRlhgN1P7uBKjvWvfGYbG3bLMlDpG8FlgmFJV0hnbEqFm3erbDe2TcHaPtC_KinKTtJdLYZaw00a4WowOA-P-dDL-ybhStlxpDQGvhKfFQsnlGvHIO5QpXlWG6tLs0Ia8-7P9Wochj8KF25Y6otF0asFBQGkEgTDEQ4w0CXMPPDK-ReW_FIfNm5ilfubh5sHbf6Pr2DEDN5lrodOZF7jA4wTiG6lVqHnMK3MIgxCZUGltocFRdXP4jMTDVOSTKcBH1ZjRwta9xv-iSHC5BDaITfiG1I60cY_8kA38iTft_H5S5cYjMrqaXC8CF8KBEhjFeIW-h77qUU6X-SYK-VjlLEx3v276kWK8rDjxKqk6H86LmaYPkxwRS1OfSn1UG66vPv5ZeozJZ13r0u5SKag1133uvUlwyqvhUZ7FYHhUbd_d6_f9jitnWlGZyKj3cKWEtc7a1B6e4J3oA22bqSp36n55VLSXUBZtk8k36pW7z7eBOz6giQJHicAlHGSMDanrHXU5KXoLsbzrgJ7R_TeiXfkj_jt6Pwl_IrLaGhJpkvYOUCfoIzD83LdZNsZIy-neRE-0wRSpKHoIctqgKcAw7tXYiTxXfGf6rgG7p4293ULgRICjH_i2Gq6q2vlRf2xBnX2AlugdsJvp1DR5Bq7SW_GDvpPaMLCiv2_0lJs2CfThb_Z1fzjcsKzSnIw4NbSMIKsj7sM0BxxrI--1Jl1nt3X7Zb0Bbsj--vOmc5ejRhUp2geQFI8Gh3huenLgQlryf5tAnO9HMZmqVH9IdvBKu-SrxxKyCXqhMAqQteIdPSKUdzYMFtJAQI7vyVk3NfxqC8sD4mIfnxYAFoZ0izrWax0uTMyObL62Lzco_JkW19RN98e-lQU1fbNqleNh2G5VWDJ77p8lWaC-3tR81n5V7myFCemXWd558OWDwN8ju5gBxpl0qU-hQBwqJM0oFgTQoRqZci9qBYqvmCq2lE_tZWo4shDQdjdrpNH9dSGW5Zutk0lPmFC7Z-wX46UBCUF1Vsukl9WbhSMeQiJ6wO7fNUoWbzazw2-2ADLtnpYB_23xnoDgKVphNzo6PzMbInfwTM9trvQmHKkFNNPweXomm5y7BRrc32HvIGQkZjgUuF86b5SUbTchxh0DvVm5Uid1m6gupeKe4XtcF4FMZEGu3aEKCwSwBd6BL3p24Uwm7nNTCNfKzCoQxuwCrmjcBVLSRXrS1pHZRJvqtpoXO4eeR1zKwrqcbT1I589dsAhZB7pjy1FSqpaR4GttLI7D5elENaMGqTyWq1-K1kWgDZGkKACv4Jjbl6eAIsB7LQisPMRRZ3nz2Isug4JqpGgtm0lbWHUxqormP3YFzPYLf3N6HXGwNReyjduzZ4wr3EyH_6ZPYmzSpe1PQz9RqEUtZX1RHfAs7Pi75aY8Ccnm_kvIgSI1eiUb0UGwEbOyDZDoFahIyJiD3At-WceSO3kXAqAxjJPHPW1TZEifCFOgOddUyyBEX5qloKpnWAleIVd_LIEHw38jJ7-ZUyTBBMo-A&cid=CAASKORoYZd0cg9s1SvXDVTo5R69AS8dWmkZvpJUV8XXLWRS0CFgstVufrQ&rfl=1%2Chttps%253A%252F%252Fntt.inews.id%242%2Chttps%253A%252F%252F948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 2E82 30 KB
11 KB 145ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 18:22:11 GMT

GET
H2 200 prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js Show response
cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/ 315 KB
99 KB 48ms
47ms Script
application/x-javascript 64.185.181.185
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=28919
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b-d.bitgravity.com
Software: v/6.5.0/6.5.14/vb4ams1-www /
Resource Hash: 8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-version: 9
date: Mon, 03 Oct 2022 14:40:47 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 10:07:43 GMT
server: v/6.5.0/6.5.14/vb4ams1-www
age: 2179898
x-tata-request-id: 3dd588d0aa082eab4d88b6caf89c9091, 3dd588d0aa082eab4d88b6caf89c9091
vary: Accept-Encoding
x-cache: HIT,vb4ams1
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 100556
expires: Sat, 28 Oct 2023 19:41:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CECF 5 KB
1 KB 138ms
67ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2540509a5d6cbd7c0a12c0924e157f3df2b01e2e7011b0bb061b2f10600e8698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 19:26:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EB63 41 KB
15 KB 122ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:27:26 GMT

GET
DATA 200
OK truncated
/ Frame EB63 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f0dbd56d07e329e3345391cb6157882b522741712ea153b5e9a192a965b3403

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 83ms
31ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221028

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e667c6605e929d7ea78be2628f5bab68b49068479bfb0c60660be3a7b3d3dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 16832
x-jsd-version: 1.0.1506
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"664-Pvt1QvLtt88LPBfvGhSf5O3mvrk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 761626617bbf0bcc-AMS

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E82 41 KB
15 KB 85ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:27:26 GMT

GET
DATA 200
OK truncated
/ Frame 2E82 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc866c8eba9e01aef132925f6434ce29485ae1b8bb8a404e104c05d0d4d2cead

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/13272251373630232766/ Frame 9683 6 KB
2 KB 123ms
59ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29110aa1e9dd0e054ca04a50394c1b253cfb982162fee21777df182bf45642cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 94372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2343
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 17:28:44 GMT
expires: Fri, 27 Oct 2023 17:28:44 GMT
last-modified: Thu, 27 Oct 2022 15:05:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB63 0
0 161ms
75ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfBTGXT0MTJ2GwsEMyy_6kkDTihnS3atdOaXDol816KEUxGfWMxpc7wjBvDwOmFWDZU3nRr_KVieeuID-ddGiMno8-YfUfaJkBkQaXifYd5-JiNMNIaGJxfrOIYmwKyEWKDPbM7hiWiFieW_5-2tq2Km8N1_p0wZIZnaoElC34I8DvKcJ5NQmzp8dieFm9BZUP0i2iDNf-n_FgUESToaSPWcrLV8bLshYwPJEVK6BgFNP5m-6vUBMFxW_STINpznDdVR1sm8YQS0Dqir_xpWqvUOkGs_sieKUmH5g0f3QY4YyZAY-G5oWGZyFxDA8mjEeE186fhl0SMXKptOFD7Z7RW7CZB5sfOhCq4iTvD-OZQLZviq-_Jd1un-0HApCSkeOQ10kPc_Yo--5YrVxeCY0tUzCYu4wgjVBIizIGjxivsYu8T05TVdtGUZfNP9XjTmQFGbkZlL27NpexIme8Qdfyb2RK4rLv9OOhNZ4tH__-06My2RxOE0K-lgRyIigJ9bpjguVgZe4o7NsbWDi-CeaJ4KoCMIr2Dm2_a23ss6qgYiDrCt-7ls7gK4FEsBWj2aDftVBU9_m5smocs-GZN_UQc8oMvQZnC0ICDswu4UrLDPSvkiAywuqZ35znvEURLciiCvPhLZaKtuuXUGlMfvey0bSk5b8gLj-X9lOXI7RQYkxhchlG886GdAIibsu_P0UmSKajNIOlFHJrGSrG-1we_JO1EocgxYYZ9FDukmhQazD3-6m0F4fqvmNddqOEbzvt7ERMJOvpY20Qr6Gyu_1gDFf7N8ARlKbfke8PxKoJjTQi-7IOrhhqeFk0kLKLy7IqzJ8xerI5L-45BKdoSRJm23xTk9xs62L7nBKd7z6-It1mbmno-YNk9cHFbw40MHH1ATxHiqH7R9xXGOYuZU54LLq91ei8YCqk_rAeqbOlwBVQPZKJxYpURImCZoZETutDZ00n76Jt0XLPWR-DvkIlNbV0OuUMAaM-r4OVsta0_C6gSoOK-kVJc86XtUDwLVmyN9-WaixF_We2do6ka0QJd-3jzAq4xd-ZaJ3mgCdI35TOdc9s8kVeaZWVfQJcYdD5Jt2DQdvMEZkvaHI8xeU_UpaU54yZbVOE7C4EKD4qowGFWESHzPUTR2NjrVhQZbjNhvPAG1wMVSs1qSnp3YGjSolHAmw7OigUNnRCmHXYLNdh63CQ1rM-WuVCsz2isPmyIygK&sai=AMfl-YQr1vZjuP7d4jkGajyMCpNcsbYc-Z0Sw0DQvtO_IwB1ZRvLOmj-zGR7pARIbj8g664Hr_3PhqzLKN8_6-DaNlfeKLCBvGzRLObELUi2gMyZqGAxUevWsb_5DGRSPDDDDiypCK-fZxDljCy5MYZy3o480r0qcSCOi5PMAs8xtJTv_fiZDG304q0c9G0n7oKCr_cIxAotH88P3ckEkf8wuQVl7xP1nqA3JJVoBwo&sig=Cg0ArKJSzOWnip-r0pZVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=301&cisv=r20221026.28302&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/17238473590949021267/ Frame DB61 6 KB
2 KB 109ms
62ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f26aa67f35cb600191d0e6c566c0b4fbbfbc015062c4e6bbd1f8038cc20ebf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2347
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 13:46:55 GMT
expires: Sat, 28 Oct 2023 13:46:55 GMT
last-modified: Thu, 27 Oct 2022 15:04:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E82 0
0 147ms
77ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcnMd2G1Ugq43T52lt1yrpMwykJHMJb7_GsfUBLEEMtRynDazGjemwYCYxpKJ7VIpaqqMLapXHSx11b6kBP2jHZPqCoGo1xf80WYs6-JqGWgcZZvBo3Vhf_NYYJTaHLl6PoPhaW2V-EHPSk1sKavv04mxOSCsp9oPifeOo04uZi1S6fZ562MBdZgpxMxYZT-5uBIKinaIlNq8rwqT7IOprkHFh3BHZVeAVhjI-t2GFU1xXtwBTWUr5F_lftuQgEOcJm69_qWGFux-TDVc50i3d9-rWL27wavkpFQ-IwiVHKlBtgbzJROcykzb6_qFbN6EsMhUoeQv1JdAE6Fw2Sfl4gtKggNG_NqfchNSQYtQ6ot2XEtnl3NbFU2ygHscY4Hnv7Nt3_s0Y45CiQwUKUW2huU2kS4rWLEwEj3eUOAolK_Sl8Nw33ZhpbbklCq57FMsLSdTh3Pd-p9B4ljCXSH5390Q9HxlI1C5TOlZwXF7ucuMzUryB-SoszFL0CCSWtKuj463o_yW9RHTee0xFhKuJis1IKlFrsphy_xgi2yMZVUqhyd1ERuhKOQLmsSEwI2UVN4eBkujel6DhxlV74H3HTEnyIR-CeYOiZ8WvvUFmy81PCnE6D71R3tFH-izPGPKu_l5C5F9sHe_wFV6I8H4KZCgMIoI3ZxDxKasUpBsCxvk-vrS4qYBaQfq7Vz7LT6ihpDLfswnHxnFvhfqsZaVMcfbgbBFayxuqPnDpcEqRri4zsbWPJlGmzk6RK7It8ErnaqbcLhY6IPsLOK_Si7GmziUcVbF10MOSD8UvrJ9iPM0Xf-oiNBg3OGn2nC6RNL6L09bkZZWwoPoxc70i_t_hKGzzvuRmGJjfd3kgAHMBV6FKrx8Q-BcuuLfrDyClufIK3feINpkUrbMScB_amyzT5scSwMNJMXKk-ILdCtf8KP-6d9CVLL3Mz3tODxo1HY_4C5Dgu-rqRAxvDHNrq5DkGGerq4oWIb27hyJWwC18IbO8O0qzlErGyshcEuspIvaDJ5qNrNLqOPTVTi3urBNbS0SwKyCLR3xDNjTJhvzYXvG0eAI876bY0EaLnzoZYo6QXKqk6rtkcAwhAmSJzQZT3NJ8L__hA_hE7-Xt2EQz8OlmoS6CvVKyppnUT5YmONxhErPXWpH8N9gxJmdyk-O153xhjoiBGg0omVkLDJe2mvMET0IK0FtfSeu3kt22RfWPG_hB5-dHv-U&sai=AMfl-YQMKjMB7fL1TeRZKT_XUW4yTAd4srGMGjnmXHH-gkuh2DEkc2qIYlMFQDRsx0y-K4DXc4v9gMBDJgEjE0M0BoW2HvExiQz5zo2Cyqr9XHL47UUFvun1KPSX-zzY2TUB2iVtGmPWvWFjh3wRmfQDAuZUQD7l9BzogEaKvT6ZJO7jxcEi1kwmjncwKW-UrBgPmfQFfWeqb4GDE9FzecMGdZuJwZADbKYW9UMKV6I&sig=Cg0ArKJSzAOcTlmHIE3XEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=291&cbvp=1&cstd=290&cisv=r20221026.92596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 19:41:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:36 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame CECF 13 KB
13 KB 131ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 166713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 21:23:03 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame CECF 12 KB
13 KB 127ms
67ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 341341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:52:35 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B045 22 KB
8 KB 58ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 310797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F0A4 22 KB
8 KB 59ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 310797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9683 236 KB
63 KB 122ms
40ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:56:37 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/13272251373630232766/ Frame 9683 49 KB
10 KB 59ms
59ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aab625675768c125c92908baf08f91e11287dd9a1efe1c191c5cf61a92b5f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10530
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 15:05:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 17:28:44 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame DB61 236 KB
63 KB 117ms
46ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:56:37 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/sadbundle/17238473590949021267/ Frame DB61 51 KB
11 KB 59ms
59ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdd1b1695c32028d649563141e4fe5fdb59e12d0f1ede59b61d942c6c12e763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11019
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 15:04:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 17:29:31 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame B045 36 KB
16 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 15:43:18 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame F0A4 36 KB
16 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 15:43:18 GMT

GET
H3 200 728x90_atlas_1.png
s0.2mdn.net/sadbundle/13272251373630232766/images/ Frame 9683 141 KB
141 KB 62ms
62ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13272251373630232766/images/728x90_atlas_1.png

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc3ac1b652dbdff608025f730ae7793d42c57aa0a0a251ebaf2aeed3f811882d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13272251373630232766/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:28:44 GMT
x-content-type-options: nosniff
age: 94373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144267
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 15:05:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 17:28:44 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB63 0
0 131ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfBTGXT0MTJ2GwsEMyy_6kkDTihnS3atdOaXDol816KEUxGfWMxpc7wjBvDwOmFWDZU3nRr_KVieeuID-ddGiMno8-YfUfaJkBkQaXifYd5-JiNMNIaGJxfrOIYmwKyEWKDPbM7hiWiFieW_5-2tq2Km8N1_p0wZIZnaoElC34I8DvKcJ5NQmzp8dieFm9BZUP0i2iDNf-n_FgUESToaSPWcrLV8bLshYwPJEVK6BgFNP5m-6vUBMFxW_STINpznDdVR1sm8YQS0Dqir_xpWqvUOkGs_sieKUmH5g0f3QY4YyZAY-G5oWGZyFxDA8mjEeE186fhl0SMXKptOFD7Z7RW7CZB5sfOhCq4iTvD-OZQLZviq-_Jd1un-0HApCSkeOQ10kPc_Yo--5YrVxeCY0tUzCYu4wgjVBIizIGjxivsYu8T05TVdtGUZfNP9XjTmQFGbkZlL27NpexIme8Qdfyb2RK4rLv9OOhNZ4tH__-06My2RxOE0K-lgRyIigJ9bpjguVgZe4o7NsbWDi-CeaJ4KoCMIr2Dm2_a23ss6qgYiDrCt-7ls7gK4FEsBWj2aDftVBU9_m5smocs-GZN_UQc8oMvQZnC0ICDswu4UrLDPSvkiAywuqZ35znvEURLciiCvPhLZaKtuuXUGlMfvey0bSk5b8gLj-X9lOXI7RQYkxhchlG886GdAIibsu_P0UmSKajNIOlFHJrGSrG-1we_JO1EocgxYYZ9FDukmhQazD3-6m0F4fqvmNddqOEbzvt7ERMJOvpY20Qr6Gyu_1gDFf7N8ARlKbfke8PxKoJjTQi-7IOrhhqeFk0kLKLy7IqzJ8xerI5L-45BKdoSRJm23xTk9xs62L7nBKd7z6-It1mbmno-YNk9cHFbw40MHH1ATxHiqH7R9xXGOYuZU54LLq91ei8YCqk_rAeqbOlwBVQPZKJxYpURImCZoZETutDZ00n76Jt0XLPWR-DvkIlNbV0OuUMAaM-r4OVsta0_C6gSoOK-kVJc86XtUDwLVmyN9-WaixF_We2do6ka0QJd-3jzAq4xd-ZaJ3mgCdI35TOdc9s8kVeaZWVfQJcYdD5Jt2DQdvMEZkvaHI8xeU_UpaU54yZbVOE7C4EKD4qowGFWESHzPUTR2NjrVhQZbjNhvPAG1wMVSs1qSnp3YGjSolHAmw7OigUNnRCmHXYLNdh63CQ1rM-WuVCsz2isPmyIygK&sai=AMfl-YQr1vZjuP7d4jkGajyMCpNcsbYc-Z0Sw0DQvtO_IwB1ZRvLOmj-zGR7pARIbj8g664Hr_3PhqzLKN8_6-DaNlfeKLCBvGzRLObELUi2gMyZqGAxUevWsb_5DGRSPDDDDiypCK-fZxDljCy5MYZy3o480r0qcSCOi5PMAs8xtJTv_fiZDG304q0c9G0n7oKCr_cIxAotH88P3ckEkf8wuQVl7xP1nqA3JJVoBwo&sig=Cg0ArKJSzOWnip-r0pZVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=621&vt=11&dtpt=317&dett=3&cstd=301&cisv=r20221026.28302&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:37 GMT

GET
H3 200 300x250_atlas_1.png
s0.2mdn.net/sadbundle/17238473590949021267/images/ Frame DB61 140 KB
140 KB 72ms
71ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17238473590949021267/images/300x250_atlas_1.png

Requested by

Host: 948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50c3a88f4021ce574f57fe7048514552a0db0b069af5c1b0dc92dc99189126a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17238473590949021267/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:29:35 GMT
x-content-type-options: nosniff
age: 94322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143539
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 15:04:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 17:29:35 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2E82 0
0 117ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcnMd2G1Ugq43T52lt1yrpMwykJHMJb7_GsfUBLEEMtRynDazGjemwYCYxpKJ7VIpaqqMLapXHSx11b6kBP2jHZPqCoGo1xf80WYs6-JqGWgcZZvBo3Vhf_NYYJTaHLl6PoPhaW2V-EHPSk1sKavv04mxOSCsp9oPifeOo04uZi1S6fZ562MBdZgpxMxYZT-5uBIKinaIlNq8rwqT7IOprkHFh3BHZVeAVhjI-t2GFU1xXtwBTWUr5F_lftuQgEOcJm69_qWGFux-TDVc50i3d9-rWL27wavkpFQ-IwiVHKlBtgbzJROcykzb6_qFbN6EsMhUoeQv1JdAE6Fw2Sfl4gtKggNG_NqfchNSQYtQ6ot2XEtnl3NbFU2ygHscY4Hnv7Nt3_s0Y45CiQwUKUW2huU2kS4rWLEwEj3eUOAolK_Sl8Nw33ZhpbbklCq57FMsLSdTh3Pd-p9B4ljCXSH5390Q9HxlI1C5TOlZwXF7ucuMzUryB-SoszFL0CCSWtKuj463o_yW9RHTee0xFhKuJis1IKlFrsphy_xgi2yMZVUqhyd1ERuhKOQLmsSEwI2UVN4eBkujel6DhxlV74H3HTEnyIR-CeYOiZ8WvvUFmy81PCnE6D71R3tFH-izPGPKu_l5C5F9sHe_wFV6I8H4KZCgMIoI3ZxDxKasUpBsCxvk-vrS4qYBaQfq7Vz7LT6ihpDLfswnHxnFvhfqsZaVMcfbgbBFayxuqPnDpcEqRri4zsbWPJlGmzk6RK7It8ErnaqbcLhY6IPsLOK_Si7GmziUcVbF10MOSD8UvrJ9iPM0Xf-oiNBg3OGn2nC6RNL6L09bkZZWwoPoxc70i_t_hKGzzvuRmGJjfd3kgAHMBV6FKrx8Q-BcuuLfrDyClufIK3feINpkUrbMScB_amyzT5scSwMNJMXKk-ILdCtf8KP-6d9CVLL3Mz3tODxo1HY_4C5Dgu-rqRAxvDHNrq5DkGGerq4oWIb27hyJWwC18IbO8O0qzlErGyshcEuspIvaDJ5qNrNLqOPTVTi3urBNbS0SwKyCLR3xDNjTJhvzYXvG0eAI876bY0EaLnzoZYo6QXKqk6rtkcAwhAmSJzQZT3NJ8L__hA_hE7-Xt2EQz8OlmoS6CvVKyppnUT5YmONxhErPXWpH8N9gxJmdyk-O153xhjoiBGg0omVkLDJe2mvMET0IK0FtfSeu3kt22RfWPG_hB5-dHv-U&sai=AMfl-YQMKjMB7fL1TeRZKT_XUW4yTAd4srGMGjnmXHH-gkuh2DEkc2qIYlMFQDRsx0y-K4DXc4v9gMBDJgEjE0M0BoW2HvExiQz5zo2Cyqr9XHL47UUFvun1KPSX-zzY2TUB2iVtGmPWvWFjh3wRmfQDAuZUQD7l9BzogEaKvT6ZJO7jxcEi1kwmjncwKW-UrBgPmfQFfWeqb4GDE9FzecMGdZuJwZADbKYW9UMKV6I&sig=Cg0ArKJSzAOcTlmHIE3XEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=606&vt=11&dtpt=315&dett=3&cstd=290&cisv=r20221026.92596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 207ms
89ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20181b6a88ef4bead0080d67c6e0ab9a23a758ce768f05f1411ecac5a406eea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11219
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B045 0
20 B 99ms
99ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByKOKcDBcY-iCE42g9u8PtZMrAAAAADgB4AQC&bg=!kZKlktbNAAZPh4lnb4c7ACkAdvg8WmQjmCuYeuPFBYXmWlsPhY5dcRhd3KjLxtsCMnnG_39k6VC08QIAAACuUgAAAAJoAQeZAuonlquFjirEnSlfZPCQqLmLS55aoj7XBm8cYzfFSg9D93O39Tu1FquVea3rb6L847lgasDUbKHISDd5Za1yh88El0f5TnqM7q0zzz5opFo0f_eTFZ_BALfO8UxGCyUdNRZR6xpjtmkjuSZ8dIdrdM4WE2Xgy01z6AJCcGhjaCroAMiPjx276bsNGs3JgPSIxoD8vfeLl6TWFkTlzpREl5ewk8e5OUQ32AgIak69-B9c-EfXzipvfudwuh0yJbDrvgpD85tTiFW5JOvxHPS425WfIPQkjsF9bBRXxcKvijlGL-BRecA3Fs75s9nqrQ8HcidMtCzRhhwYJwCMsRDNJqBNoPbIPhNj3dSFdn-FRl2ozwYVeKnJbR6HC7_brAKT89NeCCdiIxKbqMj_4wCDaOUoO5JdVRJU5pM8TQyKWClHUfkkP6mnUdkbLzYjNWZonV3wDMvx7bulToaj--rhcXyZn_D1nr_UXLnTGW9IEihW6Wdy36dKuRr9fA2cNWsHHwpwTnw42bTSkW4P1elxaivwOMteKY8AYAuStiTfY3LnuoGEhu7XroBqQWwhRP8J4WkqTgoWyq-pYzaUo1H7B2zzt7Dw26y9WgJn1n3PnpATuGThLk8IujzW733zw8nyFcXg4X8FIzJ1XB7wrqrh4A75Ff2mGicjPixH2m5EP_zlriftqX2lRusjrzIi9-TmVWDeOcfsO6s9-Nl4qBgW0Mks-0vHzEdi6W5UUyGFiHichMvjcqfxPw92OC40inepvp4nh5qyaFgu1DAZlHoCtuiJgJ-LNWAUBo-ELjyhGfl6eH6Fpz6QYIWkHOi9oapUR_lx5ekIkYKqPy7ln2vwSfPPwD7O-Kl1rNAVVAjZgSl7ttTHiGGwUvcsnQ3vnV4A61H39Sy7jpa_--4piU8ivz93Ghl6XvGA4Ag1JjPujcWnKdVn4I3WFYxDQaNFAyuOgbv71mKYlKJoyOdGW1JHuL0Vc_ucozrCGZt9sw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0A4 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ6TtcDBcY6n8Eryzx_AP7IewyAQAAAAAOAHgBAI&bg=!RkWlRQHNAAZPh4lnb4c7ACkAdvg8WrQ76IsJUr93DCuyzWDh8GHHRF3UysbqocdAdH2V3oyiorQbOQIAAACvUgAAAAJoAQcKAF6xZsl-EmxYw98TIfzMNC5qbkKGtGlPptb0kbjurOvbN94LMTya7QcuvYKwsHnMFnDyp87AT63Jb9LIBWBnSenmUbH8DHIdXURNn-7vQRWNmyuvvTXd6bNdEoqFNilLmQLxGlY0YyXaUXAcIS8Uv0ysN4GOgqB75kx3Z5rmLuQDfrgV901ZC8coHXlHMQd4vZIi-u9p6i8aYDVCHsbTz-MlzxKlDGfOsaNPwOZy_xzBBxj7kL9KfTsn4nTfNtT2-9s-zBouTxXu_XyJf3b9YwYQ3FLhqsSU9aydeKGv8t24hwCT7BORyy1zxaFRGvbXM2TcRTllktBsItb-eZ6xurRa1LftF-OeyOGu0GhP9na7deXkFpQrmxLxjeNgnjEOJjz6U0gBncb1PmK9msaDAIbczQH5oaWrgvDMqOeaGK8Yr26k6S1fxKPS3fKgV5X1eJHGy-jolcxaeyeRSiE9ukcDtaIySENgnHCaaQp-IZzI_Mor6kA1QsxkzLUM8S0aSOvQmi_IYBL5uDNZzxCBIW5ohphvGpMQhMIfdpVSteHbb8NON1XwRC89R874kXxqvc60TIU1yC9PjhESAQrLLSemmsxul4XcERrxegj9zOu0LyNiR0OMQeQFV2ng21XkT524qp1UUrJpRFVQn8nF-Ngh7CB9F-kEwanl1qS3uRN4JBZSX0_9Zot64plKCS_o1XdMZ6AQ_f3AXMIAfZmRUXhpZLaSNqnctDOU71OMBzBm4Zn6n1JWSgaJt65ZNgwnAtPeGrzHvzoUlhNZ40ukfqOJ4USZd2-MirCYT5fWpLZWT2Q1LjXPPNJt62f9kpR_UnqlpPsg50EQbVy3cL28tL-fPjFBhsWA2jib5zwf1wmZ_4B8KH-AVp4-VmUKa_vb9BpAwrecx2pT1sWCdsfuRlOFGJNact5x_5rsoiCtOSsjZnTJHfGt7eJ0EsEtcXq_IcEMvv_oWI9QbAVSVPAR2r4Ib3omT9j0at92O9q6B6JdV1-Yl1om-ZxK8pmSMfaF8fl7JKprAipQGj7Qr9zGSjGsH3ml3B2sFgz2g-Z29DeI_wNIsyYU7ZXJqQ1POnndsMO_rLjfaEsy2CV_7bPzntpAki_2Hh-6KvoR_Sla4QPzZzAp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 111ms
30ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 28 Oct 2022 19:41:36 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 529651
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 all
csm.eu.criteo.net/ Frame FEDC 0
127 B 34ms
34ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3493 13 KB
5 KB 59ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:36:18 GMT
expires: Sat, 28 Oct 2023 19:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 37E0 783 B
533 B 67ms
66ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ad70ed100d9ab2b87b74a20cce6e394b232519c8609386e5bf657dc8b0ea486

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mGAie7uovRdcuoGzvuK8pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-mGAie7uovRdcuoGzvuK8pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:37 GMT
expires: Fri, 28 Oct 2022 19:41:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 all
csm.eu.criteo.net/ Frame CECF 0
127 B 34ms
34ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 19:41:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 37E0 0
0 92ms
92ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102601&jk=3276164758618919&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3493 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 15:43:18 GMT

POST
H/1.1 200 628.json Show response
id5-sync.com/g/v2/ 216 B
622 B 107ms
32ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/628.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

af41b7e5cdbc5aae2057a2dc68566152f6494cc54bc6b975bfbc02b50b3f4cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ntt.inews.id
date: Fri, 28 Oct 2022 19:41:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 180ms
83ms XHR
application/json 63.32.244.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.244.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-244-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 75d9773f9d3b08947c54c2d4080321bbe12324632bb76e434435abb96f9f6879

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache
x-server: 10.45.6.181
access-control-allow-credentials: true
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 135ms
44ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 06a113e0da5d59d92a78b0644be5ea2d0aaa1dc645735602536486a12463d98b

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ntt.inews.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 27 Nov 2022 19:41:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F988 42 B
64 B 94ms
94ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAz0jqRf-B5zFeFCABhFM5lDEEaD0rXkmcC2qc2UXfRlOvIztQXWXzKUbs5notOd5FAYp0CKaxsTD1U-ETNTyicyA&sig=Cg0ArKJSzNILHwHBp36-EAE&id=lidar2&mcvt=1026&p=242,436,332,1406&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3215994126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666986096059&rpt=575&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0017 42 B
64 B 94ms
94ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRntwjk6J_2vQAEUW-ujK3EHudePyqRsNmAC6v9RR4hT8foPOBzACPk63_T9AADj5OGE4E9L8EjIbF8K6op8P2fDU&sig=Cg0ArKJSzL6yDcpy0BN_EAE&id=lidar2&mcvt=1028&p=65,591,155,1319&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3239413752&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666986096054&rpt=617&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3493 0
10 B 58ms
57ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?juQtPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB63 42 B
64 B 97ms
96ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPbwaGTe21ffcMsiUKqNwO32BO7accvN0N3QoZVEJCkvzWm5k0BV_yNw5wTXngXLl13E4YO7Epevh5temZJYFYzNs_-9p3sEZwOgsK8CpnL_uzkPBeWCEsE39Wp1aPr9cuQBfommM&sai=AMfl-YTd3My1kwyIdN6BAQtZCjMLvCNjtgHEPvpcSVYBeC2Zl5kgo9wxQ2-UEcPr_xO_YXtRxbGG0920h4L0N-sBroit7iPNdnJZO7fUFF0IQshozUnAn9zNpeuCQCVnJ0zJyvo&sig=Cg0ArKJSzPi5m3cmChFLEAE&cid=CAASKORo7MUIoh_s3xf3r_Ri_rePf0MbgUFWhqSWpnM_AUcnLmDqhu8LOVk&id=lidar2&mcvt=1000&p=1083,315,1173,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1852379673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666986096065&rpt=723&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E82 42 B
64 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcZhWhApLcw-a1Z8H-tdE1Q2IQS7cBJ5s5q5OQnwFMTkqpFlevXgO5PO6I0LU_wPndGOGx9UWPizfE4oFD33yhgFt-MCakaWs_TmN4Cbp5mtQPvv1tsi-gPd6lDd0KyW_8bh-zaOU&sai=AMfl-YQBBaRZABuF810b0NF06tUhOm0TUmpc4i_bRL8xOey6YnuoZJeSihTbTIzThwll3mrI9by5YPRNomBNPzdk7IiCmX2uD71ElW2JcLp1AxpZ2UeE59SPr45iLc_oF_o5ym0&sig=Cg0ArKJSzNEHRbgMOkweEAE&cid=CAASKORoYZd0cg9s1SvXDVTo5R69AS8dWmkZvpJUV8XXLWRS0CFgstVufrQ&id=lidar2&mcvt=1002&p=374,1084,624,1384&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4046664198&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666986096062&rpt=765&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102601&jk=3276164758618919&bg=!VValVhLNAAZPh4lnb4c7ACkAdvg8WhviRKvmQLeFPJo17mrVUCPBCrd6pHiywbz3uo-F2cbU_BoGuwIAAAB1UgAAAAJoAQcKAIvFPBZJVVgT3cSXWAv5MiUZ8uhO4Uzuxnlb5ftNC9eOx2pX9f4wo-j2DM5cobBUXpmVYeke72-89ZBDZpR1xYWUwkeI20wGS-ujDpi7t66WLY22-_Is5MAzhyuVRDB82Y-ku98wfFETd1xcliuvKyvh8V0L7uRGmwk1D0u-Uh8n6lj3BauJDjy6bHromQKrTegVORV6vIFy209r-Myf3959b7V2CI7kYeNbkr7_MB27hCaMXEyJNDBx_1AnPBCOZ2nHfRZ6UwrMHpPM4UbYb8bT8OGQLKVXOINB7QPZLJmBhVUx2dz_5HBtoaTM-Gz8rKaeIjjePu-n8N2rtkYSvYPu3YtUusVy5Tzl4Biq6FDlF306IRYfRMnCE_rlVT1wKRbyyFad5n1Il1Uha0q7jLMtE3HoaooFbWnyNdDAy3FGLBGHeu9WaFpbcAnQBbTB8Lf7DZ8kxdmtngjljyNyIZTn-_ASneQyDc-8Ws6ViHRereWYbvr71ZzGq9NXx_mB0t1EvaGqvxVClLt1YWDtQ5uX0fejApy4I7nuWtEO8RZJfO5DqZQ1wE4qbpdILrLWl_TLgZEyNA4Lpx_JauphfPBPqU7gMpH4oT4kdmD5qnzg-EiF_rFPj-t2SOSpnNZyvTTkGWOtBjVabBOOPdpqjqelxx-uejLvmOYrqJAGqvB5TyTvxxjK7Ly_7_taF8M1hYbEksy5dz654mMYcIME6U5AoaSnutqgFx6Yn345jEQikGXNDYqIEYoM6Ocdkngy7InzXnsaxKvpDys_KB_yrFqdsXZVlzQL0MhxCMcz69nxe-4uTS1YLWZFLf87XF8-depaw1d6NIKaBDhLjlDoFdGExR2358i2ankaTiHYDZ9BIY8CGzGQ0tRO_9Iy2HZi7EpBqPoFb8DgcyM9Ry7acmF3DI05CcbBeu4UfwLIhEODceAduQflek3Amd485MUaGuSU54Fxuflv4OwQDyQagr9zTjm05GyXJHIAl-zGa0SuIzZ1uQNGi6p6mIE7NnbafbdgqY6tV-leqfm-GT_vBOJznFqRXqND6_6ClYpMCV72oCp-FIDox8Z5GZgmh4r7V1L36AcMfkJPbe8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 vertikal Show response
sindikasi.okezone.com/widget/portal/inews/ Frame E690 10 KB
10 KB 283ms
217ms Document
text/html 2600:9000:2057:4400:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: b6bdb51f930baa2c02e4828d245c475c297660126f4efddb3e44bf48bc4db71f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 19:41:39 GMT
server: Apache/2.4.9 (Unix)
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id: t2hrqaE0treJXtOCArqWwelmFxt6XWpa5xvmBRQTXJoRxC5mTV_YeQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 200 styles.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/ Frame E690 36 KB
2 KB 309ms
200ms Stylesheet
text/css 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 37497
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-8uD94D-oYB"
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=158987
content-length: 1761
x-amz-cf-id: 1UD13nf8acOYVR5t7jcVROAuf5ON9a3AjSY5aqx1skTAK68ZDjd7Ag==
expires: Sun, 30 Oct 2022 15:51:27 GMT

GET
H2 200 all.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/ Frame E690 58 KB
13 KB 621ms
512ms Stylesheet
text/css 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/all.css
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 73625
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-3fi2KfM5qy"
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2494335
content-length: 12604
x-amz-cf-id: fdmeW0Z-3ska43-3hZ1vxxUiPwWoGDk-wGwSxfwSpZjbW7Ejt8m-wQ==
expires: Sat, 26 Nov 2022 16:33:55 GMT

GET
H2 200 master_27N61xCFE9_792_zodiak_aquarius.jpg
img.celebrities.id/okz/800/823wcX/ Frame E690 16 KB
17 KB 1003ms
937ms Image
image/webp 2606:4700::6812:1d64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/823wcX/master_27N61xCFE9_792_zodiak_aquarius.jpg

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f55e089bbc516d5eed09f838de2296ea51e216028b0b34ea099755b28eeb344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 31243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16760
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-kLYTfZKdGv"
x-frame-options: SAMEORIGIN
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315327239
accept-ranges: bytes
cf-ray: 761626704ec7b885-AMS
link: <http://img.celebrities.id/okz/800/823wcX/master_27N61xCFE9_792_zodiak_aquarius.jpg>; rel="canonical"
expires: Mon, 25 Oct 2032 10:35:38 GMT

GET
H2 200 celebrities.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 2 KB
2 KB 309ms
201ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/celebrities.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 1745
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-YBT1KxLyB6"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=158990
accept-ranges: bytes
content-length: 1732
x-amz-cf-id: ZLLWHVd34SdQ1VUKZ5lCR7mJWaHljkTz_PcBB314b5RM_JERTm-6zQ==
expires: Sun, 30 Oct 2022 15:51:30 GMT

GET
H2 200 PMK.jpg
img.idxchannel.com/media/439/images/idx/2021/04/20/ Frame E690 11 KB
11 KB 632ms
535ms Image
image/jpeg 2600:9000:206f:a400:15:c3e:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.idxchannel.com/media/439/images/idx/2021/04/20/PMK.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a400:15:c3e:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: 74dd82882b9887c755a84b2a5f896f6360a19169fbb67ffc798bc0c41e7cd8ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 08:48:29 GMT
server: nginx/1.17.2
x-amz-cf-pop: FRA56-C1
etag: W/"607e955d-c74c"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 11230
x-amz-cf-id: 8Eg7HbnLeu7sA6cH9WMmNiADHkOenJUOw6H38WKVwzsEliQgwlXhrw==

GET
H2 200 idx_simple.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 5 KB
5 KB 615ms
508ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/idx_simple.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 13405
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-ynhC4ViFMt"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=158673
accept-ranges: bytes
content-length: 4649
x-amz-cf-id: pqj_E0ABKqLfRpQxEbSRodZRetj0XrPFclfUnjZ9EF41iOP8YR4oQg==
expires: Sun, 30 Oct 2022 15:46:13 GMT

GET
H2 200 IMG-20221028-WA0037.jpg
www.mnctrijaya.com/uploads/news/ Frame E690 104 KB
105 KB 780ms
675ms Image
image/jpeg 2600:9000:2057:a400:e:c3de:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mnctrijaya.com/uploads/news/IMG-20221028-WA0037.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a400:e:c3de:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e5f8254bb9f11390fd58c688d634572e252007e348719aa1d8dea34952a592f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 15:21:58 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: "635bf396-1a14c"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 106828
x-amz-cf-id: oWiQzAHOc3kwZ3IAdQpsOQCrxsXhrE3HdqGPMN8lKmNXXu2u7piCrQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mnctrijaya.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 10 KB
11 KB 303ms
196ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/mnctrijaya.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 13116
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-qAx-oOOL5R"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2494343
accept-ranges: bytes
content-length: 10422
x-amz-cf-id: kjF8nArozTt38yusWDD0kCqCeqq7FzUIQwvjEO9SIA1VA_uoUxchqA==
expires: Sat, 26 Nov 2022 16:34:03 GMT

GET
H2 200 1666882245965089364-635a9b0d2aea69dd2695d004.jpg
i.buddyku.id/ugc/2022/10/27/1666882245965089364/ Frame E690 41 KB
42 KB 137ms
33ms Image
image/jpeg 2600:9000:211e:e00:1c:7874:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.buddyku.id/ugc/2022/10/27/1666882245965089364/1666882245965089364-635a9b0d2aea69dd2695d004.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e00:1c:7874:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63d3f58970004cec2ade40b3c679e26f2c3f11ac76a7197049aff2dfec38a16e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:03:55 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 14:51:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 16945
etag: "affd2b69f9e645d8f42b238ecab52f92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: .jpg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42280
x-amz-cf-id: 2Q3RqKHZ0zU2rwWeFAb9a8cV23Z2hxeNZmx_H1sGexnobNr55H4Eag==

GET
H2 200 buddyku.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 3 KB
3 KB 513ms
512ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/buddyku.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 5483
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-IcrYddWUxz"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1587743
accept-ranges: bytes
content-length: 2693
x-amz-cf-id: lKIbnQ7dq0oz0DNWwZZTogqrlsUMRYZAOhHza_oEIYM5YE-yIVHKOQ==
expires: Wed, 16 Nov 2022 04:44:03 GMT

GET
H2 200 tega-pria-ini-cabuli-bocah-5-tahun-saat-bermain-dengan-anaknya-dV01MTDkhP.jpg
img.okezone.com/dynamic/content/2022/10/28/340/2696737/ Frame E690 4 KB
4 KB 330ms
207ms Image
image/jpeg 2600:9000:206f:7800:1f:824e:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/dynamic/content/2022/10/28/340/2696737/tega-pria-ini-cabuli-bocah-5-tahun-saat-bermain-dengan-anaknya-dV01MTDkhP.jpg?w=300

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7800:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

06b89a241c028fc8be635e4271393b25f9c50b925ee19bf5558ab8385c9f08e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 3967
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Oct 2022 14:51:14 GMT
server: nginx/1.20.1
etag: "635bec62-f7f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, s-maxage=10
link: <http://img.okezone.com/dynamic/content/2022/10/28/340/2696737/tega-pria-ini-cabuli-bocah-5-tahun-saat-bermain-dengan-anaknya-dV01MTDkhP.jpg?w=300>; rel="canonical"
x-amz-cf-id: -eJi3HFUWN2JSLV9NKDSfiYrzV4RKd0SN42efHS4uH1QeeeyWMrG4w==
expires: Sat, 28 Oct 2023 19:41:39 GMT

GET
H2 200 okezone.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 3 KB
3 KB 508ms
508ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/okezone.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 2761
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-tyMZq5pz7-"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2494356
accept-ranges: bytes
content-length: 2748
x-amz-cf-id: I_1jkE7zUP2eodn4jqhG2E35BfwSduVnbJFzXuA3Xw_e77IJ702xJA==
expires: Sat, 26 Nov 2022 16:34:16 GMT

GET
H2 200 tawarkan-rp513-miliar-untuk-habisi-salman-rushdie-yayasan-iran-disanksi-as-obt.jpg
pict.sindonews.net/dyn/620/pena/news/2022/10/29/42/926071/ Frame E690 22 KB
22 KB 155ms
40ms Image
image/jpeg 2600:9000:206f:5400:1f:4c6b:cc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pict.sindonews.net/dyn/620/pena/news/2022/10/29/42/926071/tawarkan-rp513-miliar-untuk-habisi-salman-rushdie-yayasan-iran-disanksi-as-obt.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5400:1f:4c6b:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d7ccc3332fe30fc77fda71de158ae4538caf2c79208a3c1efc92f5a902fde40b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Oct 2022 19:40:13 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 19:34:31 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 86
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 22470
x-amz-cf-id: re92k0274F-YvIg9G9fNBTLdtyvbAB0JCK7WuyPuMxHJkDDSb2kD6A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sindonews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 4 KB
4 KB 196ms
196ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sindonews.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 4018
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-scGGmu-WOv"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2494335
accept-ranges: bytes
content-length: 4016
x-amz-cf-id: nPwBsjDT_4nYSpyZgQqyr8d-dLBWI5d3V58csmV_JyNEqmnfBNHiBw==
expires: Sat, 26 Nov 2022 16:33:55 GMT

GET
H2 200 master_7de932g2Yb_1761_pelatih_barcelona_xavi_hernandez_memberi_instruksi_di_pinggir_lapangan_pada_laga_kontra_bayern_munchen_foto_reuters_andreas_gebert.JPG
img.sportstars.id//2022/09/5uQ01t/ Frame E690 103 KB
104 KB 133ms
63ms Image
image/jpeg 2606:4700::6812:b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportstars.id//2022/09/5uQ01t/master_7de932g2Yb_1761_pelatih_barcelona_xavi_hernandez_memberi_instruksi_di_pinggir_lapangan_pada_laga_kontra_bayern_munchen_foto_reuters_andreas_gebert.JPG

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5faab476eb0fb13b1bfb87be1e33f53af1e740f4b6f28367a6f3990998da6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 396
cf-polished: origSize=125842, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105930
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Sep 2022 22:42:25 GMT
server: cloudflare
etag: "63210751-1eb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761626715d980be9-AMS
link: <http://img.sportstars.id//2022/09/5uQ01t/master_7de932g2Yb_1761_pelatih_barcelona_xavi_hernandez_memberi_instruksi_di_pinggir_lapangan_pada_laga_kontra_bayern_munchen_foto_reuters_andreas_gebert.JPG>; rel="canonical"
expires: Sat, 28 Oct 2023 19:41:39 GMT

GET
H2 200 sportstars.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame E690 2 KB
2 KB 505ms
505ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sportstars.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 1845
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-Py3HXLPLBk"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=158658
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: 8lqMeLWWDAjmZ9nQWqsO3Zoe9iqNjt9rbCM-sy_rRkuLqe6D4h9XCQ==
expires: Sun, 30 Oct 2022 15:45:58 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/ Frame E690 87 KB
31 KB 460ms
352ms Script
application/javascript 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/jquery-3.6.0.min.js
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 89501
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: W/"PSA-aj-vSq_cOaZon"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=158165
content-length: 30812
x-amz-cf-id: NmRWBs8r8dPJicm88Va5fCuUBl1NYCU-gVAWsxoMGZ8VY7DAU2nXDg==
expires: Sun, 30 Oct 2022 15:37:45 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.4.4/ Frame E690
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

140 KB
40 KB

38ms
38ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1409078
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GF620M603RVMAYQSX54962VN-ams
server: cloudflare
etag: W/"2310e-YgoXHzBgFVHspCsWstmF72fEP1g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 761626707977b752-AMS

Redirect headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GGG18DFY3ZV9ZQ4K2CVGCQCK-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 593
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.4/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 761626703932b752-AMS

GET
H2 200 bpe.html Show response
www.visionplus.id/besportse/photose/ Frame 2E69 22 KB
4 KB 665ms
215ms Document
text/html 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Fri, 28 Oct 2022 19:41:39 GMT
etag: W/"631e95c9-57ed"
expires: Fri, 28 Oct 2022 19:41:38 GMT
last-modified: Friday, 28-Oct-2022 19:41:39 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan Show response
www.rctiplus.com/life/3068061/ Frame AAA6 13 KB
5 KB 607ms
493ms Document
text/html 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / Dark Phoenix
Resource Hash: 2e6b7902d6ce083b322da8eb4c2322d17a72c3072cece90894f85e78288bb6b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1666986099
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 19:41:39 GMT
EagleId: 4f85b19a16669860993471036e
Server: Tengine
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
Via: cache21.l2de2[459,459,200-0,M], cache20.l2de2[460,0], cache3.de3[462,461,200-0,M], cache6.de3[463,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Powered-By: Dark Phoenix
X-Robots-Tag: noindex
X-Swift-CacheTime: 0
X-Swift-SaveTime: Fri, 28 Oct 2022 19:41:39 GMT

GET
H2 200 xred.png.pagespeed.ic.jpXU9Y2YLq.png
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/ Frame E690 122 B
629 B 197ms
197ms Image
image/png 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/xred.png.pagespeed.ic.jpXU9Y2YLq.png
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-original-content-length: 135
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 122
x-page-speed: Powered By okezone.com
last-modified: Thu, 29 Sep 2022 13:29:34 GMT
server: nginx/1.20.1
etag: W/"0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/red.png>; rel="canonical"
x-amz-cf-id: xVX8yq7DQuarNB1yyt9TGtdEU_YUNEYCwsI9wjmosAJNPXjmfNGAgw==
expires: Fri, 29 Sep 2023 13:29:34 GMT

GET
H2 200 Roboto-Medium.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame E690 175 KB
176 KB 433ms
364ms Font
application/octet-stream 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Medium.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:28 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: "61b743ec-2bc60"
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 179296
x-amz-cf-id: 7bRZEiLMIvvhbPdtXMenTXSkVt7nTwa4oK9JoOFUtv-E0mdjGI8LYw==
expires: Sun, 27 Nov 2022 19:41:39 GMT

GET
H2 200 Roboto-Bold.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame E690 166 KB
167 KB 298ms
229ms Font
application/octet-stream 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Bold.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:33 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: "61b743f1-297ec"
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 169964
x-amz-cf-id: uxG7uBwbnsHvh_Jc9cHRfWsrsOe9rUf919DrSTX2PmcqIY_-PxGa7Q==
expires: Sun, 27 Nov 2022 19:41:39 GMT

GET
H2 200 Heebo-Regular.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/ Frame E690 32 KB
33 KB 263ms
196ms Font
application/octet-stream 2600:9000:206f:600:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/Heebo-Regular.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:27 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
etag: "61b743eb-8110"
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 33040
x-amz-cf-id: 0ztv-96JL_FM38N6sPPoL8p9CA-28jXTiuAK79qVxI_pWSbZ1QqZQg==
expires: Sun, 27 Nov 2022 19:41:39 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame AAA6 132 KB
48 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd4fd8102ede7d489bbf2410235e15a02e74231e6f534cdf4c9745069caadea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49027
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:39 GMT

GET
H/1.1 200
OK rcti__news.png
static.rctiplus.id/fta_rcti/logo/ Frame AAA6 11 KB
11 KB 117ms
31ms Image
image/png 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/fta_rcti/logo/rcti__news.png

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Sat, 15 Oct 2022 04:27:20 GMT
Via: cache3.l2de2[0,0,200-0,H], cache14.l2de2[0,0], cache14.l2de2[1,0], cache1.de3[0,0,200-0,H], cache3.de3[1,0]
Age: 1178059
X-Swift-CacheTime: 1478502
X-Cache: HIT TCP_MEM_HIT dirn:12:569991309
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 01:45:38 GMT
Content-Length: 10963
Last-Modified: Thu, 29 Apr 2021 05:19:32 GMT
Server: Tengine
ETag: "608a41e4-2ad3"
Ali-Swift-Global-Savetime: 1665808040
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 4f85b19716669860999442337e

GET placeholder.jpeg
static.rctiplus.id/fta_rcti/logo/ Frame AAA6 0
0

GET
H/1.1 200
OK 3068077.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 15 KB
16 KB 114ms
32ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068077.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

88091ee873c71a722f4380726cce8e3942f709fe147cee7e43ef189e545a9ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:38:22 GMT
Via: cache2.l2de2[0,0,200-0,H], cache15.l2de2[2,0], cache15.l2de2[3,0], cache13.de3[0,0,200-0,H], cache2.de3[1,0]
Age: 197
X-Swift-CacheTime: 2591923
X-Cache: HIT TCP_MEM_HIT dirn:13:99215456
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:39:39 GMT
Content-Length: 15505
Last-Modified: Fri, 28 Oct 2022 19:37:25 GMT
Server: Tengine
ETag: W/"635c2f75-6abe"
Ali-Swift-Global-Savetime: 1666985902
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19616669860999427699e

GET
H/1.1 200
OK 3068076.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 12 KB
13 KB 197ms
115ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068076.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7b54d3b9fd901c07a67b83e1ecde2705211a3122c9b35d769eb4bc08691f73b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:38:22 GMT
Via: cache11.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache20.l2de2[2,0], cache10.de3[0,0,200-0,H], cache2.de3[50,0]
Age: 197
X-Swift-CacheTime: 2591923
X-Cache: HIT TCP_MEM_HIT dirn:12:167026896
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:39:39 GMT
Content-Length: 12602
Last-Modified: Fri, 28 Oct 2022 19:13:12 GMT
Server: Tengine
ETag: W/"635c29c8-5a2a"
Ali-Swift-Global-Savetime: 1666985902
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19616669860999427698e

GET
H/1.1 200
OK 3068075.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 18 KB
19 KB 172ms
91ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068075.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

5129cee565306ee6efb3ed2462d28a09e2c05815ed94713cb831355970ce1460

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:13:08 GMT
Via: cache10.l2de2[0,0,200-0,H], cache12.l2de2[1,0], cache12.l2de2[1,0], cache2.de3[0,-3,200-0,H], cache3.de3[59,0]
Age: 1711
X-Swift-CacheTime: 2591956
X-Cache: HIT TCP_MEM_HIT dirn:13:523313159
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:13:52 GMT
Content-Length: 18274
Last-Modified: Fri, 28 Oct 2022 19:11:12 GMT
Server: Tengine
ETag: W/"635c2950-b5a8"
Ali-Swift-Global-Savetime: 1666984388
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19716669860999442340e

GET
H/1.1 200
OK 3068074.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 17 KB
18 KB 145ms
64ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068074.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

daf8bda546b76d423d8ac10331562e1a8c47d83a88ff1433172c037a6db8b744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:13:08 GMT
Via: cache21.l2de2[0,0,200-0,H], cache25.l2de2[0,0], cache25.l2de2[1,0], cache5.de3[0,0,200-0,H], cache4.de3[2,0]
Age: 1710
X-Swift-CacheTime: 2591930
X-Cache: HIT TCP_MEM_HIT dirn:12:676936749
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:14:19 GMT
Content-Length: 17247
Last-Modified: Fri, 28 Oct 2022 19:11:12 GMT
Server: Tengine
ETag: W/"635c2950-af1c"
Ali-Swift-Global-Savetime: 1666984389
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19816669860999422971e

GET
H/1.1 200
OK 3068073.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 16 KB
17 KB 164ms
84ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068073.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6ed18cb7125a29518b47772306b11e75336f54246ea34786f457d2a8e81037e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:13:08 GMT
Via: cache3.l2de2[0,0,200-0,H], cache10.l2de2[1,0], cache10.l2de2[1,0], cache2.de3[0,-1,200-0,H], cache1.de3[53,0]
Age: 1710
X-Swift-CacheTime: 2591925
X-Cache: HIT TCP_MEM_HIT dirn:12:518063184
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:14:24 GMT
Content-Length: 16482
Last-Modified: Fri, 28 Oct 2022 19:11:11 GMT
Server: Tengine
ETag: W/"635c294f-b12a"
Ali-Swift-Global-Savetime: 1666984389
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19516669860999428743e

GET
H/1.1 200
OK 3068072.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame AAA6 21 KB
22 KB 33ms
33ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/media/500/files/fta_rcti/news/3068072.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

182bec74e17d704ee3deb54cb6445013561d36cb0893183beaf04b59c3daa0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Fri, 28 Oct 2022 19:13:08 GMT
Via: cache19.l2de2[0,0,200-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache5.de3[0,0,200-0,H], cache3.de3[1,0]
Age: 1712
X-Swift-CacheTime: 2591922
X-Cache: HIT TCP_MEM_HIT dirn:13:685947507
Connection: keep-alive
X-Swift-SaveTime: Fri, 28 Oct 2022 19:14:26 GMT
Content-Length: 21623
Last-Modified: Fri, 28 Oct 2022 19:11:11 GMT
Server: Tengine
ETag: W/"635c294f-d676"
Ali-Swift-Global-Savetime: 1666984388
Content-Type: image/jpeg
Access-Control-Allow-Origin: *, *
Timing-Allow-Origin: *
EagleId: 4f85b19716669861000052395e

GET
H2 200 analytics.js Show response
analytics.rctiplus.com/tracking/ Frame AAA6 3 KB
2 KB 336ms
263ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash: 98bb3195555bd91343a7d160c9c41bb1c02c6ac1e53f65d4bc80c34eef6fa930

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.15, Dark Phoenix
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCt1%2BS3oHr80Tgs5HNvm13ryFu2wEK0SX3NMW%2FCpazo4LDTKbqCjwbSNriz5wRkxV3ERnfpEI89tNrYB%2FZBVVTY8Ny3BfQo70Hd4waLGsB6D71l7d2DPDn21GcJeYKOjnb8AceYMVkrYPqSnGiMSCkL4bAFS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-robots-tag: noindex
cf-ray: 761626749b8eb82b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 config-widget.js Show response
www.visionplus.id/besportse/photose/shareconf/ Frame 2E69 2 KB
2 KB 215ms
214ms Script
application/javascript 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/shareconf/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: 255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
last-modified: Friday, 28-Oct-2022 19:41:39 GMT
server: nginx
etag: "631e9507-802"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 2050
expires: Fri, 28 Oct 2022 19:41:38 GMT

GET
H2 200 config-widget.js Show response
www.visionplus.id/besportse/photose/ Frame 2E69 2 KB
2 KB 215ms
215ms Script
application/javascript 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: b9121d34e7a3588ef5e6b58d05a4f0ceb22af79c1d978e3711f343814123bd34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
last-modified: Friday, 28-Oct-2022 19:41:39 GMT
server: nginx
etag: "6358e5f2-798"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 1944
expires: Fri, 28 Oct 2022 19:41:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2E69 109 KB
43 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a4e4670edc8969c23703b1ab3ae5fa5841a79a653e51421254380d31c63c7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43616
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2E69 109 KB
43 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154114411-1

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

433d94d40b6256484ab7e6645b0585c5be0819c026877b8182cf83d953158798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43637
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 2E69 86 KB
31 KB 128ms
58ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 16:26:27 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2E69 80 KB
27 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3fa1cf36aecef8716a9c1ddd0e278a591721cc8a688fc931077be1e47fc7638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27417
x-xss-protection: 0
server: sffe
etag: "1377 / 167 of 1000 / last-modified: 1666955192"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H2 200 app_logo.png
www.visionplus.id/besportse/photose/img/ Frame 2E69 8 KB
8 KB 454ms
451ms Image
image/png 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/besportse/photose/img/app_logo.png
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
last-modified: Friday, 28-Oct-2022 19:41:40 GMT
server: nginx
etag: "631e9507-1e63"
content-type: image/png
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 7779
expires: Fri, 28 Oct 2022 19:41:39 GMT

GET
H2 200 ph_3-2.jpg
www.visionplus.id/besportse/photose/img/ Frame 2E69 4 KB
4 KB 216ms
214ms Image
image/jpeg 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/besportse/photose/img/ph_3-2.jpg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
last-modified: Friday, 28-Oct-2022 19:41:40 GMT
server: nginx
etag: "631e9507-10a0"
content-type: image/jpeg
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4256
expires: Fri, 28 Oct 2022 19:41:39 GMT

GET
H2 200 Ellipse-Play.svg
www.visionplus.id/watch/video/img/group1283/ Frame 2E69 2 KB
2 KB 268ms
266ms Image
image/svg+xml 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/watch/video/img/group1283/Ellipse-Play.svg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-153.mncplaymedia.com
Software: nginx /
Resource Hash: 3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
last-modified: Friday, 28-Oct-2022 19:41:40 GMT
server: nginx
etag: "60e6e573-659"
content-type: image/svg+xml
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 1625
expires: Fri, 28 Oct 2022 19:41:39 GMT

GET ph_2-3.jpg
www.visionplus.id/besportse/photose/img/ Frame 2E69 0
0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AAA6 49 KB
20 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 19:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 21:01:58 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame AAA6 4 KB
2 KB 139ms
32ms Script
application/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 4383107
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: 25l-YBcaGuuH7s91lB0EX-RpFSfdeCn3W6rOMtr4EBY8Ro0wnMBe2Q==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame AAA6 43 B
551 B 108ms
33ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=600&frame_width=279&iframe=1&title=RCTI%2B&time=1666986100078&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.rctiplus.com%2Flife%2F3068061%2Fakmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan%3F1666986096215&random_number=4587881803&sess_cookie=e448ce7c184201d456d75c80de8&sess_cookie_flag=1&user_cookie=e448ce7c184201d456d75c80de8&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 02:09:38 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 63123
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: HM-cD1W80D9wB3eOcNrDniviKffbUzlcu7ODpbKu05RlYgjkOufG_Q==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame AAA6 0
48 B 548ms
169ms Image
text/plain 35.85.87.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068061/akmal-marhali-sebut-dirut-arema-fc-paling-bertanggungjawab-atas-tragedi-kanjuruhan?1666986096215
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.87.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-87-192.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
server: Server

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 2E69 4 KB
2 KB 33ms
32ms Script
application/javascript 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 04:16:26 GMT
content-encoding: gzip
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 55547
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: RuV_V8jwyYM4e1fTVVNbVJT5i2eH8n26CH-n2q4X8zsLthQVGHSxbQ==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2E69 116 KB
44 KB 83ms
82ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d8bd59a227dc89dbe5180b525f977fd7554ef76e5ccd2775f7bb16a21cf4ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45448
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 2E69 4 KB
2 KB 32ms
31ms Script
application/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 4383107
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: W-qjYfb9Fg6Mwb_tCpZNpENQlkahSuoE2w8Qu338-hihnkkMzrlZ5A==

GET
H2 200 motogp_assen.jpg
cluster-images.visionplus.id/static/website/ Frame 2E69 65 KB
65 KB 508ms
489ms Image
image/jpeg 202.147.193.153
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cluster-images.visionplus.id/static/website/motogp_assen.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.153 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-153.mncplaymedia.com

Software

nginx /

Resource Hash

39dfe16f2f0c8b4d4163463c3f555a93f5932d173a407e543d1e8aa2d08d49b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified: Mon, 12 Sep 2022 08:18:44 GMT
server: nginx
content-encoding: gzip
etag: W/"631eeb64-1058e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800
link: <https://cluster-images.visionplus.id/static/website/motogp_assen.jpg>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Fri, 04 Nov 2022 19:41:40 GMT

GET
H2 200 5ce1.jpg
static.mncnow.id/images/series/32173cac/ Frame 2E69 34 KB
34 KB 146ms
56ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/32173cac/5ce1.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 01:28:14 GMT
via: cache17.l2de2[0,0,200-0,H], cache15.l2de2[1,0], cache4.de3[0,0,200-0,H], cache3.de3[2,0]
age: 584006
x-swift-cachetime: 85347
x-cache: HIT TCP_MEM_HIT dirn:13:848833696
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 34352
last-modified: Fri, 11 Mar 2022 08:03:17 GMT
server: Tengine
etag: "622b0245-8630"
ali-swift-global-savetime: 1666402094
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532652e
expires: Sat, 29 Oct 2022 01:28:14 GMT

GET
H2 200 6274.jpg
static.mncnow.id/images/series/a0318f17/ Frame 2E69 27 KB
27 KB 178ms
88ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/a0318f17/6274.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 04:02:02 GMT
via: cache8.l2de2[0,0,200-0,H], cache25.l2de2[0,0], cache11.de3[0,0,200-0,H], cache3.de3[3,0]
age: 574778
x-swift-cachetime: 94575
x-cache: HIT TCP_MEM_HIT dirn:13:653425272
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 27687
last-modified: Mon, 07 Mar 2022 10:41:44 GMT
server: Tengine
etag: "6225e168-6c27"
ali-swift-global-savetime: 1666411322
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532655e
expires: Sat, 29 Oct 2022 04:02:02 GMT

GET
H2 200 7a0a.jpg
static.mncnow.id/images/series/446a6208/ Frame 2E69 43 KB
43 KB 179ms
89ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/446a6208/7a0a.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 04:02:01 GMT
via: cache5.l2de2[0,0,200-0,H], cache26.l2de2[1,0], cache8.de3[0,0,200-0,H], cache3.de3[3,0]
age: 574779
x-swift-cachetime: 94574
x-cache: HIT TCP_MEM_HIT dirn:12:264892516
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 43640
last-modified: Fri, 11 Mar 2022 10:18:29 GMT
server: Tengine
etag: "622b21f5-aa78"
ali-swift-global-savetime: 1666411321
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532656e
expires: Sat, 29 Oct 2022 04:02:01 GMT

GET
H2 200 489b.jpg
static.mncnow.id/images/vod/863f579e/ Frame 2E69 36 KB
37 KB 207ms
117ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/863f579e/489b.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 04:02:26 GMT
via: cache16.l2de2[0,60,200-0,H], cache23.l2de2[61,0], cache9.de3[0,0,200-0,H], cache3.de3[3,0]
age: 574754
x-swift-cachetime: 94599
x-cache: HIT TCP_MEM_HIT dirn:12:692838455
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 37076
last-modified: Tue, 28 Dec 2021 04:52:28 GMT
server: Tengine
etag: "61ca980c-90d4"
ali-swift-global-savetime: 1666411346
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532657e
expires: Sat, 29 Oct 2022 04:02:26 GMT

GET
H2 200 949d.jpg
static.mncnow.id/images/vod/7847cc87/ Frame 2E69 51 KB
51 KB 229ms
140ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/7847cc87/949d.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 04:02:26 GMT
via: cache3.l2de2[0,0,200-0,H], cache25.l2de2[1,0], cache14.de3[0,0,200-0,H], cache3.de3[3,0]
age: 574754
x-swift-cachetime: 94599
x-cache: HIT TCP_MEM_HIT dirn:13:683321369
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 51712
last-modified: Fri, 11 Mar 2022 10:34:55 GMT
server: Tengine
etag: "622b25cf-ca00"
ali-swift-global-savetime: 1666411346
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532660e
expires: Sat, 29 Oct 2022 04:02:26 GMT

GET
H2 200 f924.jpg
static.mncnow.id/images/vod/058df7c5/ Frame 2E69 36 KB
36 KB 230ms
142ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/058df7c5/f924.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Oct 2022 04:02:02 GMT
via: cache2.l2de2[0,0,200-0,H], cache12.l2de2[1,0], cache3.de3[0,0,200-0,H], cache3.de3[4,0]
age: 574778
x-swift-cachetime: 94575
x-cache: HIT TCP_MEM_HIT dirn:12:381718908
x-swift-savetime: Fri, 28 Oct 2022 01:45:47 GMT
content-length: 36795
last-modified: Fri, 11 Mar 2022 05:04:16 GMT
server: Tengine
etag: "622ad850-8fbb"
ali-swift-global-savetime: 1666411322
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19716669861002532661e
expires: Sat, 29 Oct 2022 04:02:02 GMT

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 2E69 0
47 B 451ms
170ms Image
text/plain 35.85.87.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.87.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-87-192.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
server: Server

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 2E69 43 B
551 B 45ms
32ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=590&frame_width=284&iframe=1&title=Vision%2B&time=1666986100176&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&random_number=5751063578&sess_cookie=1f8f4645184201d45d0cf78a55b&sess_cookie_flag=1&user_cookie=1f8f4645184201d45d0cf78a55b&user_cookie_flag=1&dynamic=true&domain=visionplus.id&account=s+Whw1O7kI20L7&jsv=20130128&user_lang=en-US
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 02:09:38 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 63123
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: 4QhLkG1O5TVNpYVfgmJtksuGQlg3LYJkZsrkU0G4ZVhg6Q8JAC-wnQ==

GET
H2 204 b
sb.scorecardresearch.com/ Frame 2E69 0
284 B 33ms
32ms Image
text/plain 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666986100177&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&c8=Vision%2B&c9=
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666986096214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: SfhY4ldL3NRY9PkETOxNg-_aN9TU2viFV37_Cyw1CsH9KfDv3mNt0Q==
x-cache: Miss from cloudfront

GET
H2 200 overview Show response
radiox.rctiplus.com/audiobook/718/my-introvert-husband/ Frame 3C32 1 KB
2 KB 972ms
959ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14 Dark Phoenix
Resource Hash: 23b77bd6c0586fbc21f65de01014700ea352cb8d46f3de1489c3d92ec7f4bd73

Request headers

Referer: https://www.rctiplus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 761626765ddcb82b-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 19:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWVomZRAwgysMUJBj%2Fr%2FKOYL60b2mJMJ98zNyzXWqQl%2Fv4RF8MaeJ9whuwkL0QkLfVDOL0TLmF%2BsolcxUjahwV9v7zgKCo5MRT016IGVpjaWXA6RwSdyyf02U1Z6kMaaWHvHKlyNprZU5ehUIvPZkxCw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.14 Dark Phoenix
x-robots-tag: noindex

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2E69 49 KB
20 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 19:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2382
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 21:01:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2E69 109 KB
43 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154114411-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd5cda237af8f758604072881ebd2ce498f8ced8b3a20404f359d0efc1e6915b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43647
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H3 200 pubads_impl_2022102701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2E69 379 KB
128 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130801
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Oct 2023 19:14:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2E69 2 B
22 B 64ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1451159512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEBAAUABAAAAACAAIC~&jid=1024855608&gjid=821374391&cid=1160388462.1666986100&tid=UA-111351533-7&_gid=2133907034.1666986100&_r=1&gtm=2ouaq0&z=253852900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2E69 1 B
21 B 65ms
65ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1451159512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=741580465&gjid=900199780&cid=1160388462.1666986100&tid=UA-154114411-1&_gid=2133907034.1666986100&_r=1&gtm=2ouaq0&z=2061373230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2E69 1 B
21 B 64ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1451159512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=786031074&gjid=444377548&cid=1160388462.1666986100&tid=UA-111351533-1&_gid=2133907034.1666986100&_r=1&gtm=2wgaq0TRZJRWG&z=64067433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2E69 2 B
22 B 65ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1451159512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=290280595&gjid=1001126578&cid=1160388462.1666986100&tid=UA-111351533-7&_gid=2133907034.1666986100&_r=1&gtm=2wgaq0TRZJRWG&z=771827567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 2E69 1 B
21 B 65ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1451159512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1881292193&gjid=1479906500&cid=1160388462.1666986100&tid=UA-154114411-1&_gid=2133907034.1666986100&_r=1&gtm=2wgaq0TRZJRWG&z=463537196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 2E69 1 B
22 B 96ms
34ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=1160388462.1666986100&jid=1024855608&gjid=821374391&_gid=2133907034.1666986100&_u=YEBAAUAAAAAAACAAIC~&z=1606283428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 2E69 1 B
22 B 83ms
32ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=1160388462.1666986100&jid=290280595&gjid=1001126578&_gid=2133907034.1666986100&_u=YEDAAUABAAAAACAAIC~&z=1784672641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 2E69 107 B
122 B 129ms
65ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2E69 107 B
122 B 188ms
69ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2E69 37 KB
15 KB 107ms
107ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3135910157453937&correlator=2877750143702925&eid=31068458%2C31068501%2C31070619%2C44768257&output=ldjh&gdfp_req=1&vrg=2022102701&ptt=17&impl=fifs&iu_parts=7108725%2CVplus-Widget-Banner-iNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=243x110%7C300x250%7C243x100&ifi=1&adks=4109564508&sfv=1-0-38&sc=1&cdm=www.visionplus.id&abxe=1&dt=1666986100459&lmt=1666986099&dlt=1666986099884&idt=551&adxs=21&adys=476&biw=-12245933&bih=-12245933&isw=284&ish=590&scr_x=-12245933&scr_y=-12245933&ucis=ampk8sc4ltje&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666986096214&top=https%3A%2F%2Fntt.inews.id&frm=8&vis=1&psz=268x-1&msz=243x-1&fws=256&ohw=0&ea=0&ga_vid=1160388462.1666986100&ga_sid=1666986100&ga_hid=1451159512&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89915961d662123dfed7570fda8b4520b2bd1a7812f60155f3c4311c9d81dafd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15446
x-xss-protection: 0
google-lineitem-id: 6136770363
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409513375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D82 6 KB
3 KB 84ms
68ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:40 GMT
expires: Sat, 28 Oct 2023 19:41:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D9C 0
0 94ms
93ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzR260CRy5YNT3BY9a6fUGlsydPhkfuQzZmT0Sn8aT-dHdWyWwozl81g3bC-Y69JvvM0we0Jg3Kno14kYlbsaEyKYZvWjn_TSE6UCvluQTcohA57qSXSj7ck1AkmA0SZcNt-zqmdNpVj6CDsisG4g4ITHOKknLeO_SupksY7jhNDP9q9_y-0i73w3AVAtycKvK0yCHiWSD8T2gFnRYrxKYQ7DFkUpM9UcMn3kYF6GOEgmJuCfbv-xdc6wm9esIF6J5NmJSJrUNxPHeq9uvE2koSgMRSSTUh49jwoCN21ubiYTdUXqT8_Uiy-qjZCSjZOvkvATZBPEjq-SkaGD5NA&sai=AMfl-YRdBs99oCpC0qU0LF92s7qatGHy-SKm2yFiJQ9Ds87nVT5RPB_Piihf3J8rM0nLZ1wsyAQeEX3Mxi7t2iKPCOiO3yy0tBeRCFdpgIcn&sig=Cg0ArKJSzGqYT_5sFNSTEAE&uach_m=[UACH]&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 8D9C 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8D9C 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D9C 0
0 66ms
65ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRuXN69pVU9qB6arp17ko5_2GfdryYtgYT9XEZ9_aHZ0uQUwuDZRuHU_pXrhEUB4fPKH6WBeClz3XVv1iVOCPa7bkLjA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D9C 153 KB
47 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H3 200 4729967900352923802
tpc.googlesyndication.com/simgad/ Frame 8D9C 52 KB
52 KB 60ms
60ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4729967900352923802

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:04:06 GMT
x-content-type-options: nosniff
age: 376654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53343
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 02:58:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 11:04:06 GMT

GET
DATA 200
OK truncated
/ Frame 8D9C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16056fa1267634768f6e8885dfbb917bcf4949e04912dbb60a3593114d284884

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D9C 0
0 157ms
94ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL2YA2iwB6GGzV_GWmBe5zQ5MRo7MxzIm0LrcWs-1uolbPFXcceqP6fE56tEE7LzupMOIFM9265FxRDxfA86c2_mT-onZvRHulZTHQvMmYCtVKzAiJtrfkfBrvKANW06jFiwPHNlu_xITmKLzb1NfGhbf3hi0SWlahIJ9EbmLWdH_8RhBaURDcNGhWSnOEe1Sy2IgNR3B_jVO64xYD68JDWlll6Wef0oyAzcniICQjVTrwes2dRGQOgXroA5I7MA_AVH0HeVvMk_-fwNlTdPxLVRV6iWXU2XHlURb_xzVhh7mFn-7ZaXSsJlsrJcgWFFQhSMOz9AxUho0Gx9xFQltl&sai=AMfl-YSOpM6vKsZyJNE4erG3m1e2y_Fop7vgroXpTPWxZ2JSzjRwsjs9P6Hm0_hH4O-nAOj7QIuS80G5mndbBaHFsI6QCv_pBWvIz_XUSBnR&sig=Cg0ArKJSzLimcxs7p8NtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 19:41:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2E69 14 KB
11 KB 91ms
91ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a26ea40118779e36e37d5de6a85aa7b284628224b08d850b0b86b81d3e92d177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11104
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E69 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 19:41:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F236 13 KB
5 KB 59ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:36:18 GMT
expires: Sat, 28 Oct 2023 19:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 640C 783 B
534 B 70ms
69ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd9ee2a2db2660507f8edb9da723620aeacc721166fe10a25e7d44b476330fc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mFnxPh22wx-noVgE0TWeKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mFnxPh22wx-noVgE0TWeKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 19:41:41 GMT
expires: Fri, 28 Oct 2022 19:41:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3C32 17 KB
6 KB 158ms
95ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: radiox.rctiplus.com
URL: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://radiox.rctiplus.com/
Origin: https://radiox.rctiplus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7616267cea430c01-AMS

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3C32 132 KB
48 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Requested by

Host: radiox.rctiplus.com
URL: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

083259df910dfc76a9b2f72cc8c4f370a9a82ae51c739157245b48a9565f7b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49027
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 19:41:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 640C 0
0 93ms
92ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102701&jk=3135910157453937&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame F236 36 KB
16 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 15:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 15:43:18 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3C32 49 KB
20 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 19:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 21:01:58 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 3C32 4 KB
2 KB 32ms
32ms Script
application/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 4383108
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: 4tBqxs2WxFvJ3FVFWPAp4T_Zla3bcsBxCHi7chwiDr2u-tkPp9cHug==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3C32 181 KB
65 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JR2L0ZYPG7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2d7b6e47a73417a0bbbed85dc55afe0a306f23ca5636384035a3b0dab3d61a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 19:41:41 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 3C32 43 B
551 B 34ms
33ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=0&frame_width=0&iframe=1&title=ROOV%20X%20RCTI%2B%20-%20My%20Introvert%20Husband&time=1666986101385&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.rctiplus.com%2F&host_url=https%3A%2F%2Fradiox.rctiplus.com%2Faudiobook%2F718%2Fmy-introvert-husband%2Foverview%3Ftype%3Dreal%26utm_source%3Dmnctv_ytend%26utm_medium%3Dsocial%26utm_campaign%3Daudiobook_718&random_number=7638534534&sess_cookie=d7859634184201d4a89312de9c9&sess_cookie_flag=1&user_cookie=d7859634184201d4a89312de9c9&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by: Host: radiox.rctiplus.com
URL: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 02:09:38 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 63124
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: gIEFtCj4G9pYAYBzXpGaYRfnOmKUFMlzXxnWcnDvYQIbgjUu12tNug==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 3C32 0
47 B 177ms
176ms Image
text/plain 35.85.87.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: radiox.rctiplus.com
URL: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.87.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-87-192.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://radiox.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
server: Server

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F236 0
10 B 58ms
58ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3Hpxag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 rum Show response
radiox.rctiplus.com/cdn-cgi/ Frame 3C32 0
179 B 58ms
28ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://radiox.rctiplus.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://radiox.rctiplus.com/audiobook/718/my-introvert-husband/overview?type=real&utm_source=mnctv_ytend&utm_medium=social&utm_campaign=audiobook_718
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Oct 2022 19:41:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://radiox.rctiplus.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7616267f5bb6b73d-AMS

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2E69 0
0 95ms
95ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102701&jk=3135910157453937&bg=!CwilCEzNAAZPh4lnb4c7ACkAdvg8Wopqj1TXTVuiQb9qwUnuVltFoIZXIRTpQBRpqjtdyPQwLwICGAIAAABzUgAAAAJoAQcKALYkOcV-J2ml8tGSD-omW84onyzXPUk-9WhxTTfludLxMK3KloaDyUyIFznfJOIBphBFf1mp2H7tIFhmS_IzkSXdgn1JnIjmsNL3dInafnXwajBp--O4jxvsg7OURQvYG1jPLhyuVJIpFluH6Wx44JfImRCnM2npiM1g8Qm5UjKX9iit7W_zXaS8HoA_UWrsgWtubiVyEhpZJr2SjEEArnyWVHBVJy8IiZOLvWc-fgy6ZAJd96Ty25kCv5prp7g80uOoGVTM97bMA4iN2auNuQhFH4VZL1Ol6UZbRB-Ckds6h5x99slM7negt2zun8YfpKQy4oOvgZ20f2h6rc5i0GaCLI0eF6IIm5NgGMrWJwdOo-v4RXiOwJ7JKWwbxy--YAzatJ-p1ELQZRIt44YJ7B2d7P9Lp1B83q_dNNEzqxuH7L92Ma3l_qlsTyfle7Z0GlxGD6a85bIx_Xf9CUH3YCxKMprev0CccqVXh3V_kqhvCT2MGw6kiFR7Pr2hQlh99bmiFeR5oDiUoQE5O_O4aT1xbyNtT_5-wpQzMkN5u2aJUSS0Q4Z4xSop2nqzmQFzCPC9j5idQC8LJ37UWSBIM0v4_J82gAHG8sEP0SiAslxEtmtPYFq-J9Rt6ZMjs1BG4UHedIHsCnzqWD7mLdErzESnKHnXGD9eal8i08QrrjP7fBZLxIwupSCl7ylZmMFwtCfrzAFH3qqLERjegVkOKgBe9-7C9UWp0e7yT5qtNvDZ8fRHVrnbpU-zSbvDvViibNyO6EVaPFtYHU6_48hy47HqRj61COhneorbfzstPTFbxyUJGDv7KtdoUgqoavUedK6d5tELe-zpRMEIKpKSvh9JG5b7150QPnQmJR4Ff8dCQrDe_0P4Alk_2GL63yW0U2Cxs2bzI9jykbUY7kB2r7uIj7D-hohTrP7lZ4_6h8C9cKpSAMUoZL4rEtWE-TBNfzxzS8LPrY9g22Ehq523beYavYJIegXUXs9wMKFQ80jucsK5WYwhpkFU93OwLSef5vMDJzdKfnnMaB6GkyRs46gZ_3MvgbxwUeOwTkuNuFW0Q_wEtmyWS16H3hjyP8_GW5cVxNGsACoidG1c-zlz2gQ1QbNfhYZDKkDuCiRLiwycodFT3unlBlNzNg7MkefHCqDkPUDHhOSSgsj2qTm2rK5d6RvwLvXl59Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: static.rctiplus.id
URL: https://static.rctiplus.id/fta_rcti/logo/placeholder.jpeg

Domain: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/img/ph_2-3.jpg

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 16:39:06	Name: UID Value: 125f2db5e5d777c34b63d411666986095
ntt.inews.id/	1969-12-31 23:59:59	Name: pbjs_debug Value: 0
ntt.inews.id/	1970-01-20 07:46:18	Name: _pbjs_userid_consent_data Value: 3524755945110770
.inews.id/	1970-01-20 07:46:18	Name: pbjs-pubCommonId Value: e28269f9-0013-4ac7-bc66-b25b6f6f82f0
.inews.id/	1970-01-20 16:39:06	Name: _ga_10CQL436CK Value: GS1.1.1666986095.1.0.1666986095.0.0.0
.inews.id/	1970-01-20 16:39:06	Name: _ga Value: GA1.2.1152857890.1666986095
.inews.id/	1970-01-20 07:04:32	Name: _gid Value: GA1.2.2069587307.1666986096
.inews.id/	1970-01-20 07:03:06	Name: _gat_UA-109056487-1 Value: 1
.ntt.inews.id/	1970-01-20 16:39:06	Name: _ga Value: GA1.3.1152857890.1666986095
.ntt.inews.id/	1970-01-20 07:04:32	Name: _gid Value: GA1.3.2069587307.1666986096
.ntt.inews.id/	1970-01-20 07:03:06	Name: _gat_UA-109056487-4 Value: 1
ntt.inews.id/	1970-01-20 07:03:13	Name: XSRF-TOKEN Value: eyJpdiI6IlhXYm5qXC8ySmorSXBLMkhlSkpCVTdnPT0iLCJ2YWx1ZSI6InJINEI2VzAxYmFPeEs5NWl6QzhBXC9uNkoyMWdTNWttNXlCTFo1cFJ2UFpXeDBNaHdEQ2x3U3RGSUNtWnVzZFkzRTV3SEVwYjJUcURwdFJXNE5iK3FMenlER3Jxd2ZoeXNnZ2tub0FoMXZhMlkrTHdhOHQyeWxMM25PN0dXN2c5SSIsIm1hYyI6IjdlNjU0NTY4ZWFlNTdmMGJiMDc3YjA2ZWIxYjQwODFjZjZkNDkyMDk4MjNiNDMyMDY4Mzc3NTEwMTNmOTA2MDAifQ%3D%3D
ntt.inews.id/	1970-01-20 07:03:13	Name: inewsportal_session Value: eyJpdiI6IlVyQjFMWjFPWiswTFZLaWdmelo2U3c9PSIsInZhbHVlIjoiZnZYTmFNTkdSdlpsXC9CbWFzOTdKS0crZ1hPTHJYbXN1OTJ2bHd4XC9YK1ozSkRYY0tjNFhzeExCVFwvSDBPR1ZHNFlTYjNXNVNaZGs4S2UxRHNZK2tZZzFSdUpPNWllN0pLOEJscVZVS1dlcFFZdjhwVWxZZG9LZmF2Z1g3eW5HQ20iLCJtYWMiOiIxYzIxYTk2OTU3MjM5NzliYmIyOTY0MjRiYzFmYzllMTRmY2VlYjA0YTE2OTg3ZWZjOTUyYjVjODQ3YTgyMDliIn0%3D
.inews.id/	1970-01-20 16:24:42	Name: __gads Value: ID=f2439d3aa7bae87d-22f951e07bd6005b:T=1666986095:S=ALNI_MZZcz0hKC_z4iWAv4uqwdU1X7atsA
.inews.id/	1970-01-20 16:24:42	Name: __gpi Value: UID=00000b1862e1c5be:T=1666986095:RT=1666986095:S=ALNI_MZp_lRlnnVOhJwgWS5OvQLUO7jOqA
.doubleclick.net/	1970-01-20 16:24:42	Name: IDE Value: AHWqTUlyt2Cd1k2l9TSzez5vAwOdLWbv4TFXZ7N9oi20PFh4TMu0tsSVfwJk6HkovbY
.casalemedia.com/	1970-01-20 15:48:42	Name: CMID Value: Y1wwcPUh2wULPKxA5PGZtQAA
.casalemedia.com/	1970-01-20 09:12:42	Name: CMPS Value: 5235
.casalemedia.com/	1970-01-20 09:12:42	Name: CMPRO Value: 5235
.adnxs.com/	1970-01-20 09:12:42	Name: uuid2 Value: 6231346269210506253
.adnxs.com/	1970-01-20 09:12:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1n8?__!]tbPl1M>e)ZlrFUfJ+tGXxp?Q2WIFKxzs':`CTn[ROX[MW!cTX^U@k.*mhP3If)y3KL9D3I?+rmEAL?
.inews.id/	1970-01-20 09:12:42	Name: ssidInews Value: U2FsdGVkX1/CFcJJ6YZIFgRovD7yjHkX87cqgA9cW5tvA1zaFsTbTJkU4vfkglybXBE3zCDm1UJQZKM1yByY3g==
.casalemedia.com/	1970-01-20 09:12:42	Name: CMTS Value: 2202
ntt.inews.id/	1970-01-20 16:24:42	Name: cto_bidid Value: kii9C19pbGtuOHVUNDVCbnElMkZlSFlpOVhKJTJCaFRtYUdBUE4zbzBSJTJCTXpEZ2NCOHlTSU1sTnNjS29DekNwb1NXSVJKOFAlMkIzcnVEaWZCJTJGZ3I1diUyRmNQTFVYbXFkUSUzRCUzRA
ntt.inews.id/	1970-01-20 16:24:42	Name: cto_bundle Value: I0FhZ18lMkZ5bTNBbncxYlUydFhqdXlJUTVxRCUyQkIwVFQ1alQlMkJmamxUQ2l3UU4yVTluQTc0aXp0bXJnZkxyZHR2aVE3T3QySCUyRldwUEZSRXBTeEFEUVpkJTJGa0ZQd2w3N3pCRXklMkZicTg2d0lEZkN6dGppOHRQTVNHJTJCYXdFVkljcmEwaWtrak45
ntt.inews.id/	1970-01-20 07:03:09	Name: _lr_retry_request Value: true
ntt.inews.id/	1970-01-20 07:46:18	Name: _lr_env_src_ats Value: false
ntt.inews.id/	1970-01-20 07:46:18	Name: id5_storage Value: %7B%22created_at%22%3A%222022-10-28T19%3A41%3A37.711250944Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
ntt.inews.id/	1970-01-20 08:29:30	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-28T19%3A41%3A37%22%7D
.inews.id/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1667072497754
.visionplus.id/	1970-01-20 16:39:06	Name: _ga Value: GA1.2.1160388462.1666986100
.visionplus.id/	1970-01-20 07:04:32	Name: _gid Value: GA1.2.2133907034.1666986100
.visionplus.id/	1970-01-20 07:03:06	Name: _gat_gtag_UA_111351533_7 Value: 1
.visionplus.id/	1970-01-20 07:03:06	Name: _gat_gtag_UA_154114411_1 Value: 1
.visionplus.id/	1970-01-20 07:03:06	Name: _gat_UA-111351533-7 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.inews.co.id/media/600/files/img/ntt.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://ntt.inews.id/?utm_source=inewsntt Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://ntt.inews.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ade3bf5d989815bc1b18337f11eccbc.safeframe.googlesyndication.com
948c4c561cc891222172a628b459a3f6.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
analytics.rctiplus.com
api.rlcdn.com
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.okezone.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cluster-images.visionplus.id
cm.g.doubleclick.net
code.createjs.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbs.ph.affinity.com
i.buddyku.id
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
img.celebrities.id
img.idxchannel.com
img.inews.co.id
img.okezone.com
img.sportstars.id
inewsntt.id
match.adsrvr.org
mug.criteo.com
ntt.inews.id
pagead2.googlesyndication.com
pict.sindonews.net
pix.eu.criteo.net
platform.twitter.com
radiox.rctiplus.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sindikasi.inews.id
sindikasi.okezone.com
static.cloudflareinsights.com
static.criteo.net
static.inews.co.id
static.mncnow.id
static.rctiplus.id
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.mnctrijaya.com
www.rctiplus.com
www.visionplus.id
api.rlcdn.com
static.rctiplus.id
www.visionplus.id
104.244.42.136
13.32.27.65
142.250.185.194
142.250.186.130
15.197.193.217
162.19.138.83
178.250.0.157
178.250.2.148
185.80.39.216
2001:4860:4802:34::36
202.147.193.153
216.139.248.131
23.35.236.201
2406:2600:4::b
2600:9000:2057:4400:9:965a:8240:93a1
2600:9000:2057:a400:e:c3de:61c0:93a1
2600:9000:2057:d200:c:5e3e:d280:93a1
2600:9000:206f:5400:1f:4c6b:cc00:93a1
2600:9000:206f:600:11:320f:7780:93a1
2600:9000:206f:7800:1f:824e:58c0:93a1
2600:9000:206f:a400:15:c3e:78c0:93a1
2600:9000:211e:2800:f:e29d:1c40:93a1
2600:9000:211e:e00:1c:7874:a680:93a1
2600:9000:214f:4a00:1:b1a4:2f40:93a1
2600:9000:214f:a00:c:4bf0:5680:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:190e
2606:4700::6812:1d64
2606:4700::6812:b80
2a00:1450:4001:800::2008
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9d
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:26f0:3500:11::215:14dc
2a03:2880:f245:e0:face:b00c:0:4420
2a06:98c1:3120::3
2a06:98c1:3121::3
35.85.87.192
37.252.172.249
63.32.244.82
64.185.181.185
79.133.177.229
79.133.177.230
79.133.177.231
99.86.4.123
99.86.4.2
004df7a63391acd684396fdba7c360490ec8e119bab45eb2b8b9f2b27a4f9e74
013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8
01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d
0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5
06a113e0da5d59d92a78b0644be5ea2d0aaa1dc645735602536486a12463d98b
06b89a241c028fc8be635e4271393b25f9c50b925ee19bf5558ab8385c9f08e1
083259df910dfc76a9b2f72cc8c4f370a9a82ae51c739157245b48a9565f7b49
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3
10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c3cd78874d03008bd2d81d65b41c683e18dca113e63e38cf690e97033f7087
12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c
1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
16056fa1267634768f6e8885dfbb917bcf4949e04912dbb60a3593114d284884
182bec74e17d704ee3deb54cb6445013561d36cb0893183beaf04b59c3daa0ea
1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f
1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138
20181b6a88ef4bead0080d67c6e0ab9a23a758ce768f05f1411ecac5a406eea1
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
23b77bd6c0586fbc21f65de01014700ea352cb8d46f3de1489c3d92ec7f4bd73
24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be
250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867
2540509a5d6cbd7c0a12c0924e157f3df2b01e2e7011b0bb061b2f10600e8698
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724
29110aa1e9dd0e054ca04a50394c1b253cfb982162fee21777df182bf45642cb
295e13ded0b540f6d53e20121b7271530425dd73c5ca9cc9f52045c7e60591dc
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6
2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879
2e6b7902d6ce083b322da8eb4c2322d17a72c3072cece90894f85e78288bb6b3
36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e
3886d733935925b50dc10065ab88c7addeeaa6d04368cb0b3141163c23cd9f2b
399df4ffb74468b7e1771d90241c65fa17b40df94a37414a4c86ef1a189048a7
39dfe16f2f0c8b4d4163463c3f555a93f5932d173a407e543d1e8aa2d08d49b7
3ad70ed100d9ab2b87b74a20cce6e394b232519c8609386e5bf657dc8b0ea486
3cdd1b1695c32028d649563141e4fe5fdb59e12d0f1ede59b61d942c6c12e763
3d8bd59a227dc89dbe5180b525f977fd7554ef76e5ccd2775f7bb16a21cf4ef1
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1
3e5f8254bb9f11390fd58c688d634572e252007e348719aa1d8dea34952a592f
433d94d40b6256484ab7e6645b0585c5be0819c026877b8182cf83d953158798
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a
4aab625675768c125c92908baf08f91e11287dd9a1efe1c191c5cf61a92b5f95
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e269fbe64af2bd3bc6e30be1e98b710ada034b343c515c9060873a2325d17ce
4fbd81088593e3b0a44e53bbaac8420401a35d553e37ed59a7ca23267b029f90
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5129cee565306ee6efb3ed2462d28a09e2c05815ed94713cb831355970ce1460
55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5add5d287e6b6f9b99b7f301c985443c82a183b9e769f759c70752d563c8fd1d
5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d3f58970004cec2ade40b3c679e26f2c3f11ac76a7197049aff2dfec38a16e
64d315994da14bb2f433e0abf69714d6ec19be4a4a21e702d51c6586fb10fce3
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075
662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2
6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c
665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe
6ed18cb7125a29518b47772306b11e75336f54246ea34786f457d2a8e81037e4
6f26aa67f35cb600191d0e6c566c0b4fbbfbc015062c4e6bbd1f8038cc20ebf0
6fd21af5cc4f03938b58e90547b064fdeffeaf160ad534957d96c453dcc09b94
6fff88ab2b02bc97d02cf3ebd655fb254a9a5f1b3e0ca2f884b038d1f0795501
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446
74dd82882b9887c755a84b2a5f896f6360a19169fbb67ffc798bc0c41e7cd8ca
74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e
75d9773f9d3b08947c54c2d4080321bbe12324632bb76e434435abb96f9f6879
760d944097b547b23ea5caf5c99c5f323add9100708fb2e954704b2244668a24
79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7
79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427
7a9fccc53c5bbfb0423017d4e08833868354aa92e33b3f7c88f9b1e586de35c0
7b54d3b9fd901c07a67b83e1ecde2705211a3122c9b35d769eb4bc08691f73b1
7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321
7e667c6605e929d7ea78be2628f5bab68b49068479bfb0c60660be3a7b3d3dd2
7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38
823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8
83694e7247249842602652bc461d57231a0f105d6d43b922649f8e476b2988b9
8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef
83bc7f39d7324eaeff30ed92ba481e3e7df76caf527c64ad75ad382695537cfa
84c7322f4f885921d401998ef0591b2816e1412d8bee03ba2e3bc10de8d94401
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
88091ee873c71a722f4380726cce8e3942f709fe147cee7e43ef189e545a9ada
88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89915961d662123dfed7570fda8b4520b2bd1a7812f60155f3c4311c9d81dafd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eec4c634ff559c18a211db765d67d4a3a99f7423aea7ca2e2566bebc9f43b73
8f55e089bbc516d5eed09f838de2296ea51e216028b0b34ea099755b28eeb344
8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520
91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6
937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd
9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242
95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd
967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba
97cae52e82c98d08065ab910fab3cca6312087b28166c64e4f4835047764bdd3
98bb3195555bd91343a7d160c9c41bb1c02c6ac1e53f65d4bc80c34eef6fa930
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6
9a4e4670edc8969c23703b1ab3ae5fa5841a79a653e51421254380d31c63c7f2
9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13
9b12d33f398124e56fb7e04ce3aefa2741dbd716abeb8d5033edfc48a0b624ff
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9f0dbd56d07e329e3345391cb6157882b522741712ea153b5e9a192a965b3403
9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80
a1b5849b2b7261637d488dade2254dd3cd72460a42115f20a05ac2c2d91d6bd5
a26ea40118779e36e37d5de6a85aa7b284628224b08d850b0b86b81d3e92d177
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656
af41b7e5cdbc5aae2057a2dc68566152f6494cc54bc6b975bfbc02b50b3f4cf1
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b372a44f8dcf99b5a328b030e230bbd6a592e2ac1cdd77240adbeaf3fa74af30
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b50c3a88f4021ce574f57fe7048514552a0db0b069af5c1b0dc92dc99189126a
b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb
b6bdb51f930baa2c02e4828d245c475c297660126f4efddb3e44bf48bc4db71f
b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618
b9121d34e7a3588ef5e6b58d05a4f0ceb22af79c1d978e3711f343814123bd34
ba6249673e2c78e2f79a748fd186ac1fa14b4fd389996d108f808509ade07608
bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033
bd5cda237af8f758604072881ebd2ce498f8ced8b3a20404f359d0efc1e6915b
bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03
bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215
c2564630d22bffeac0e4b88f758105ac5dbf214d7b6cecc4115bc11a7c0beb52
c26fb39aa36fe9d6fe5369323f2decea3cb4c5416c8a6bde4db90853907677c2
c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b
c5058692aa5abcc28747afbfa11c85be8622ac493dba233b7c1949f928e4a566
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2
cc3ac1b652dbdff608025f730ae7793d42c57aa0a0a251ebaf2aeed3f811882d
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca
cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264
d0b1b13de5aed0702a746fc178a7889296fbe79e5b4bee6793e65d729ff0e794
d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13
d2d7b6e47a73417a0bbbed85dc55afe0a306f23ca5636384035a3b0dab3d61a1
d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460
d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1
d7663ee1989dfd44fd9c92ec602e35e61237b52c30272e584ad5807f88e8aa02
d7ccc3332fe30fc77fda71de158ae4538caf2c79208a3c1efc92f5a902fde40b
d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb
d94a580a9519b03cb06fa57722ac3f0b81ac6326e3fbc64a2145dd85a0191eb5
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
d9b79a57f428a5baf8ee33e293e29d0c80fc6bc35e41a7de31fd300043b35846
d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d
daf8bda546b76d423d8ac10331562e1a8c47d83a88ff1433172c037a6db8b744
dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4
dc5abcd3a595755edba426670bcdb9f99225ce74436414668f077b89e774f5e3
dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7
dd4fd8102ede7d489bbf2410235e15a02e74231e6f534cdf4c9745069caadea1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa1cf36aecef8716a9c1ddd0e278a591721cc8a688fc931077be1e47fc7638
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e422403281420a90feba7e93d1f0466fa665920be93d27b8bac2c2bde5cddd8c
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d
e5ba3f57c4b22922d41bed7f247fbfcd228bb7a8fbc575a0872114a1807d54db
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e85839289d5f6329c7233cd33a93ee054935bcdff7285e739b49b392decabd02
eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740
f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a
f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76
f36c040c1a8864016cb97dbb8232971d8edce7d3abc0c1dd1f6f99a660d180e5
f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827
f3c663a7c68483722dd841b8a6aed8b2e41fb1678863490a9ffbd5e5ce809032
f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790
f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8
f5faab476eb0fb13b1bfb87be1e33f53af1e740f4b6f28367a6f3990998da6c7
f60cdcea15ced6599782416f2a1674bc6e3ce93b0d8575511a5937d273f91d3d
f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb
f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2
f90cd04dc1006016008bd0871afff0f43d86119da3e193c01bbeb565c73abcd6
fbef566005d2a663a0647ee5ce51bb23ea847ead1ce42095ff1ada5639a9eebf
fc866c8eba9e01aef132925f6434ce29485ae1b8bb8a404e104c05d0d4d2cead
fd9ee2a2db2660507f8edb9da723620aeacc721166fe10a25e7d44b476330fc4
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a
fecd547b9fe117a46b02f53ee26b3bd82817b2a6170f5c0d454bb9c5fa3fd425
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4
ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a

ntt.inews.id Open in urlscan Pro 2600:9000:214f:4a00:1:b1a4:2f40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

344 Requests

96 %HTTPS

68 %IPv6

45 Domains

71 Subdomains

67 IPs

10 Countries

5237 kBTransfer

10466 kBSize

35 Cookies

204 Outgoing links

Page URL History

Redirected requests

344 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ntt.inews.id Open in urlscan Pro
2600:9000:214f:4a00:1:b1a4:2f40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

344
Requests

96 %
HTTPS

68 %
IPv6

45
Domains

71
Subdomains

67
IPs

10
Countries

5237 kB
Transfer

10466 kB
Size

35
Cookies

344 HTTP transactions
5 data transactions