www.celebrities.id Open in urlscan Pro
2606:4700:10::6816:21af Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.celebrities.id/
Effective URL:
https://www.celebrities.id/
Submission: On August 30 via api (August 30th 2021, 9:58:10 am UTC) from SG

Summary HTTP 332 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 36 domains to perform 332 HTTP transactions. The main IP is 2606:4700:10::6816:21af, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.celebrities.id.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 3rd 2021. Valid for: a year.

This is the only time www.celebrities.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 81	2606:4700:10:... 2606:4700:10::6816:21af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
17	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	13.224.93.123 13.224.93.123	16509 (AMAZON-02) (AMAZON-02)
4 12	13.224.93.76 13.224.93.76	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	47.246.43.227 47.246.43.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 9	202.147.193.147 202.147.193.147	17670 (MNCKABELM...) (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	13.224.93.26 13.224.93.26	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f16:bc:... 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:2cd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3033::6815:ded	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	148.72.153.139 148.72.153.139	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
7	202.147.193.157 202.147.193.157	17670 (MNCKABELM...) (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom)
22	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	143.204.98.68 143.204.98.68	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	23.111.9.64 23.111.9.64	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2600:9000:215... 2600:9000:2156:5800:18:69f:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.125.178.116 13.125.178.116	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:e::6	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	18.157.193.56 18.157.193.56	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
332	53

81 2606:4700:10::6816:21af (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.celebrities.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.celebrities.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.93.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-123.zrh50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.93.76 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-76.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.227 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 202.147.193.147 (Jakarta, Indonesia) 1 redirects

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-147.mncplaymedia.com

www.visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.93.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-26.zrh50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1 (Columbus, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2cd3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba22 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

rstatic.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:ded (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bukamatanews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 148.72.153.139 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: usloft5321.startdedicated.com

static.republika.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 202.147.193.157 (Jakarta, Indonesia)

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-157.mncplaymedia.com

static.mncnow.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (United States)

ASN33438 (HIGHWINDS2, US)

backfills.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5800:18:69f:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

adopdmp.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.125.178.116 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-125-178-116.ap-northeast-2.compute.amazonaws.com

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:e::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edn6r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.214 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.193.56 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-56.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	celebrities.id 1 redirects www.celebrities.id img.celebrities.id	3 MB
52	googlesyndication.com 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com tpc.googlesyndication.com 0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com pagead2.googlesyndication.com c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com ade.googlesyndication.com	341 KB
38	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net static.doubleclick.net	506 KB
25	youtube.com www.youtube.com	788 KB
19	2mdn.net s0.2mdn.net	332 KB
12	google.com www.google.com adservice.google.com	15 KB
12	scorecardresearch.com 4 redirects sb.scorecardresearch.com	8 KB
10	googletagservices.com www.googletagservices.com	328 KB
10	google-analytics.com www.google-analytics.com	58 KB
9	visionplus.id 1 redirects www.visionplus.id visionplus.id	32 KB
8	googlevideo.com r1---sn-4g5edn6r.googlevideo.com	1 MB
7	mncnow.id static.mncnow.id	162 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	71 KB
7	googletagmanager.com www.googletagmanager.com	297 KB
6	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	8 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	republika.co.id static.republika.co.id	103 KB
4	adop.cc compass.adop.cc adopdmp.adop.cc data.adop.cc	13 KB
3	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	142 B
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	360yield.com 2 redirects match.360yield.com	791 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	cloudflare.com cdnjs.cloudflare.com	41 KB
2	google.ch adservice.google.ch	1018 B
2	google.de www.google.de adservice.google.de	272 B
2	rctiplus.com www.rctiplus.com analytics.rctiplus.com	6 KB
1	ytimg.com i.ytimg.com	4 KB
1	e-volution.ai rtb2-useast.e-volution.ai	233 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	459 B
1	adriver.ru 1 redirects ssp.adriver.ru	342 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	ggpht.com yt3.ggpht.com	2 KB
1	affinity.com backfills.ph.affinity.com
1	bukamatanews.id cdn.bukamatanews.id	69 KB
1	akamaized.net rstatic.akamaized.net	11 KB
332	36

	Domain	Requested by
44	img.celebrities.id	www.celebrities.id
37	www.celebrities.id	1 redirects www.celebrities.id
25	www.youtube.com	s0.2mdn.net www.youtube.com www.celebrities.id
22	pagead2.googlesyndication.com	www.celebrities.id googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.celebrities.id 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com tpc.googlesyndication.com c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
19	s0.2mdn.net	www.celebrities.id 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com s0.2mdn.net
17	securepubads.g.doubleclick.net	www.celebrities.id securepubads.g.doubleclick.net www.visionplus.id www.googletagservices.com 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
12	sb.scorecardresearch.com	4 redirects www.celebrities.id www.rctiplus.com www.visionplus.id
10	www.googletagservices.com	securepubads.g.doubleclick.net www.celebrities.id 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com compass.adop.cc c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
9	www.google.com	www.celebrities.id securepubads.g.doubleclick.net tpc.googlesyndication.com c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com www.youtube.com
8	r1---sn-4g5edn6r.googlevideo.com	www.youtube.com
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.celebrities.id c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
8	www.visionplus.id	www.celebrities.id www.visionplus.id
7	static.mncnow.id	www.visionplus.id
7	www.googletagmanager.com	www.celebrities.id www.googletagmanager.com www.visionplus.id www.rctiplus.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	www.celebrities.id c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com www.youtube.com
5	static.republika.co.id	www.rctiplus.com
4	googleads4.g.doubleclick.net	www.celebrities.id
3	365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.celebrities.id www.rctiplus.com www.visionplus.id
3	certify.alexametrics.com	www.celebrities.id www.rctiplus.com www.visionplus.id
3	certify-js.alexametrics.com	www.celebrities.id www.visionplus.id
2	ade.googlesyndication.com
2	match.360yield.com	2 redirects
2	cdnjs.cloudflare.com	s0.2mdn.net
2	c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	compass.adop.cc	securepubads.g.doubleclick.net www.celebrities.id
2	adservice.google.ch	securepubads.g.doubleclick.net
2	fonts.googleapis.com	www.celebrities.id s0.2mdn.net
1	i.ytimg.com	www.celebrities.id
1	rtb2-useast.e-volution.ai	c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	1 redirects
1	ssp.adriver.ru	1 redirects
1	s.tribalfusion.com	www.celebrities.id
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
1	r.turn.com	www.celebrities.id
1	ad.turn.com	1 redirects
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	data.adop.cc	www.celebrities.id
1	adopdmp.adop.cc	compass.adop.cc
1	backfills.ph.affinity.com	365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
1	0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.bukamatanews.id	www.rctiplus.com
1	rstatic.akamaized.net	www.rctiplus.com
1	analytics.rctiplus.com	www.rctiplus.com
1	visionplus.id	1 redirects
1	ajax.googleapis.com	www.visionplus.id
1	www.google.de	www.celebrities.id
1	www.rctiplus.com	www.celebrities.id
332	58

This site contains links to these domains. Also see Links.

Domain
www.okezone.com
sindonews.com
inews.id
www.idxchannel.com
www.rctiplus.com
visionplus.id
mnctrijaya.com
www.roov.id
emshop.id
thefthing.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.mncgroup.com
www.mncgroup-vp.com
www.mncpeduli.org

Subject Issuer	Validity	Valid
*.celebrities.id GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-03` - `2022-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.rctiplus.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-01` - `2021-10-03`	a year	crt.sh
*.visionplus.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-11` - `2021-12-11`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-09-10` - `2021-10-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.republika.co.id Sectigo RSA Domain Validation Secure Server CA	`2020-01-06` - `2022-02-01`	2 years	crt.sh
*.mncnow.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-05` - `2021-12-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adop.cc Amazon	`2020-10-24` - `2021-11-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2021-04-07` - `2022-04-16`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.celebrities.id/
Frame ID: F3D0DC194255D22513296C951C10AB12
Requests: 110 HTTP requests in this frame

Frame: https://www.rctiplus.com/idx/news
Frame ID: 1456EA2A58B91EC6A3C8AE82FAC12269
Requests: 17 HTTP requests in this frame

Frame: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Frame ID: C6EB4D119027AA5C6FD30C64F32818EB
Requests: 42 HTTP requests in this frame

Frame: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C635208A05D98E1400CA133E829F149A
Requests: 1 HTTP requests in this frame

Frame: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A4DC8A53748E8A5767005D21AF0A1DB
Requests: 1 HTTP requests in this frame

Frame: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6788717B0680318EFC62D4159BA79BF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK4igNf-N_R9_hha4X03M_1Yt4N_szEG0VpocICy9FNr2BNmnVOqnTgCVS3Yx27-xdDc7Y6ct7mWlDd7iDSUXihzWvbdCeGTxaLdIxeQtANReO4WdqTOH-Rz-Mikhd8J95A5HPIh9EFus7rlHQR8fFy5_j_2eB8uyGpkS-TnX3uDASs0-7e89WKsjeunMHZF3pGK1BShi5S_R2XLXuyE68vvHAo5i5Xa8I34ZLbHtNcFuUoPQXaKj_8uv7EuszZQk-Cx4ARTLyPP83yn5oYKxWr1P44SgNYYrwH7Q2BMYWrWLpNRi_1_6dri4px4YK-6qS8zbx&sai=AMfl-YS9EwJecdjuQfMdCSeF-pJfRL2r87KIDx3hXlAxAeulMf8nkPflkEXPYkSD7bNFTK5nr8Gy_hRK-VrBBT7d5hDRzCGpuzKrq86E3RgVXJZrMpc2ztqLsi6WhSAeRDo&sig=Cg0ArKJSzPHgu9NUYxVzEAE&adurl=
Frame ID: D72DFC229ACDFB202B2D490E812A91C5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuGL5irxV5tMGuXILyqyRZF6NFdyGwrhZuegl9lhuZ4ulMhpwiOebn34afR4iAoKTRbxP0sd7Jk05J7YfnK9ie80UKQprA89yD8c6rDrM3E3xA0-RSzdua6o0GwGb0mJ_dlD87MXLAoQ2QtHIQiCHVx7iP-4e5QwrcblQjUZx6YBzqRSFhg175kcY3tr-QwLaX96AdYrLnph_b_WE4A3egH2SZoPxn-qfZEAGn7IOKVilVRaBEPD2_TU617u7vr6FvPS2xvFj0Ez51JIPDmY3oMv9IGoxXb6wj_YL8nQP0un60o59Jpu0avRmIPK7DipfrEaiZ&sai=AMfl-YT7HQB_XGeGivbvbm7Nv5XDwohJO1XaHbu6e-HgJXeta4JG1L3k47ILQlU8YJkz4ibXmmCKSBZoewH7zVp6wLjnp5QEmSUaBsnTT3puLzjoiEnlrOAJbsvWCDkJV-o&sig=Cg0ArKJSzJ-QYHDbL-yOEAE&urlfix=1&adurl=
Frame ID: DA3844378D85E16E773D78341B125292
Requests: 5 HTTP requests in this frame

Frame: https://0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0D4730885D581CB52E8ABAA8C39973E9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwnWOraqEJE6FJTgjglJtPjDtDNN13DUJzBMTmJJdwBi5qxAs5bkzpqVS82whTn9S9QOu8Ms2-dwE1w3f_8VoKhQ6XWXd_HmlqucfFxAC2GSpf5OO_87IclXKD4-X4Q2KIN-5W3NJzbUucz8uw9tr3OliyzGw_6aAkoiUtdyOobXbYmvpf6sid72baaGO36FlwG-vmOc-J6AHh0i_iiqDagBbW33APv69p_ImeaONrFYg9dSxucC4R0OXuQFk-xTcUh6N20M2VAarPfxLg2kk_K397FXJTbU_wHtlZggxPiG9gv7zZkA2xl1VLYusZUya4tlkwulR-2pi8CnJp&sig=Cg0ArKJSzNXvkekpKXgsEAE&adurl=
Frame ID: C22C6190DD7DDA974224D3B16B73CD18
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA
Frame ID: 07A2E0D3FDBCF8A585F678D247D219D5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwPj4McP9caXPjgTixjD_uF4UrJqmiB0Sshrgs4bR0t3039yhvD_dhtSUeHPt6b0Y2EQZgiTulK4EmFbs7jVJM1EARxrOmzxg8mlek7390HDy_MRK4sj9HcLO75W71w-bR8Y_-T-MGQUXcOlbjm1oj25xNfQ&dbm_d=AKAmf-ConxEh2yiO0Ufkfj5Mjpmlv7-LcNgHwnAliweZB0ir-_5ViWk1PLCml8NL_oOINkFT1tmKquVfmiNlOs7V038qpNHCs5bZhlpEG0dNOG8OsHfZv71M49qObGO0KFm_0e9uLdPOZR5VoN5satDyh4CiFCIOx8UA0ErbfJURdAD-zzgVB2ChM4VjXD331cGKZbmN93Cnz9ZJEn4myy316GNcBXWhIDoNWmNwjJFHnCYfNUDstmB-K5Ne0noO4H5xf-WqsKni0L3X5h5WlmnE8InKxqqR3FAgnKTNMprHftFx4ywSCQR-KTi0HNj24JdQTl57XzNa-Gl7JS29uaTDXCI_fmaABsha-V36IzRRAnYW3VBqb80wF6EGU_qCZPZ8S0tdJGuHIN4DIYB5wRnaJzK5s3drGwfemg976zuJVODFqLNMANiPy-hrBV6ySACBWAhIL7CySVOUerjcxUc5Gax6wc125SPxc95kdlrBC4JgCK6B_Vt3gjXyDni2bl6yE2ifY-nyQ1jyXA-ZALeGIgHQQ0ey2eVEV182Mb9pS4wQol3nxiQEY98GH1U-86QVJrpgdsGhpiYI6RaJ-V1nW06ACPGKuAAzKGtAeGQY0l74iYQ1ttsHn1UEwEKK1Gfpiz-3YjojW4iNAc5_xPFOdiMyGC6xo1bRgeZ28-gJJTwlxO8im2N2N1MdDSMVbdt6W-RCDWUq6m9vBGzlYPxVGD3kaJnC5-3m7c7sq0rjw3OUdoZi-NPTnc1m_4hDh7RV0jGP1pAr1YsWKFxz54qDJlOH7bQw8XSinuOVf3QzWiFgCerG0XEb7bn3GFVizJr0GUgSPx8XFiwJqDBZtVQh36CJ9q-fEzkgWyTwJ19HenIPkzDJpZ3BjNkDTKe88GX1IzordvplRWhSYMX6WqnuXQExiHnPl4w_PGe6lu4IWGE6n_CyUefmootFEh_ThaOfiLo-tXkUl47hlyk6UnoyY6a24G0VxUqsPUv70lcCUqZ2yts6x_Et1kOZ81Bj-wzr3hZOQ2ZYR-B0_gPxyWCzihILIb8V_Hb6aLS6XrR-CQanxGsIBMvVIoXUYXerJPbOsdyJv1iyXznUep8-OQbKGVrZwV1qiyhrW3Uq_3I7MLr-kFIIOoahdsPH3UGjpc6vhvtP-kY0zayJVKSp3aaDVazNnZZUAQ7OA8WBUWUptIqPocrEZzotwN2MlmDjKyE3WzfYwlYrR-8ZjZNV7xsmKmnYJcBETu4P56xCwUjuHf28hzq_SlJ6AVRi9WTqjHMZ-ce7stLTMv5F7xkZLFf8uFrB-mT5HbL960Lq98tD0Zbbm17uGTLh0c1A1YFu_OEGrOExX60wLJJlvYRecHw4Cjb2Sy5zHDWTAo1O-6dP9ce16fYCbwCCp9Ub2_Ja3r73OTwZqTSyOGGxJSKNss__J8wGeoC-9QCOlwMInbHoZjnuPhs2UosDmnaQrz3oI2ztdT8xpSFckRQMbZXQJx2UfNLYoq8W7L9fs7-GCvdsQG7Koh3LZTfg5UmAzvlKNV_5dlTGuz3N10rro3_4TgreKRVD07rnTtfd5cdGF0RfpZ3oiJIkgwL6Uu7bv7Y6_cj1Y3FV9HrtUtvmEfXhlC6e8Z7SAVuT5NdWkkEEzIerPORj5MiS_8QBSHS2lXH1pEGdvCJkJixn1JlCncTHfJsbkI1qEkDwset4fLgrKWP94_g0GK8OUOlWYNAdmAIenpEmt0E_tAvWgygg3AXl3x_c8M9pur8iTeGL6_BWZJY6qBIsNV-btyFrAJNWcCZrizJVguxWmgq1phaY-eChPOMFLFPHExHw_P67kmRTNviPoe4XLMYpamXRlKm0TkJmcHlddXbqf5YFqE7AFj3I39IPfrp5gHp0mLQ-2MEZVBVZQ3wxxTe6vSAUraQFMDMvSYQ6pC4Ku3QBS8rxT4ihNb0bm52cnHeHGD8-nVXSS2ZWAfl9rCHrlOsTB7UNx7tRFQEpMpiXIgd6fPWPf7TaZh8NXHE78p1UdTiXEv1p0bMHXLOSbOs_o2wuOpVsK0ktFl47fBaxDoG4VVqSIiFH6B7oayYcSZ4R71fbfF4M9w4Px8rV8k721Ado4Y353IwtT8JOzytbGauaUiOAdqY0H9Duxu70wUv-A5YmAGpW7vlgcJ4bD5_BaMCLtaIjVnAyMQymZrFnP_MGFJfMeb0zELJ3qCUs21RXerrGmNxwt03N8MXOgFpmYynZTJKibXZuSVuxPJrnoX3_eAoi_amBQ47AHY6JntY__3ff90nrnlBiw_lOmmJfSZGHiPvMv51pZbJ81QhNo4skTDEDp5ooBBxaCeS0x3S7tuhRth1Uw5R_gMyBYoiiJHIwiAsXhcwFGbcSheWcaxLQeLcIg5g2FdUOLCGbPGTbS5zeUYSCKCmuwm4uB120tCOfbq1RqKvM2Mj5DPJdGdoKZaXpjLM5WIzUB9iH6eYOGVW51nN7-DFiENSk1RnIK2B-QyRPYr9-mQ-FbPOyqGNifN3G281rUBN-fm8UR1eAUyvEQ4kCzpB9l89fdRapQUt6IDsAjwpjmvo3DkDoVyD2zuS-NUgOmbWoIH4Qp-Y4FLUJxIrT38TSvgbUmDLH5Qi09YZ3u45dTTjsEjeLl4Tzk_av97NeOGD6ovdb5zWgzIPLY_Grpspzk_mba0X8bOK5POzWrq-d4zQEt97pnbuoYSMjh4_luQAbFFEy5OIQPab258kB_7lMQYHhPaJAN5p_BQc3tJbEhSvKn0BlkaEJkWn1xSMCmezrJL3fjd6BvUlM5uLFpuskcnWLipGJ2Jr4M5sxRMOPMSMNubqCMBzMQ8fP1W6MttmSJkzRj6Jsfo99gqxJijfOdPRgMBfxPC2ECRwBg5vd8hyOeWWEueE453iPTPLpe-6agsX0elR_vojnLvOi4LU4b5m7ZWmHPV7KyGSFfSqgAlo2kdwLGF_qxUTIyybDBfwHRcTN48hflY8QMGsG5juREascKvdS0sFmX7sWaKms4S7rDvrCXdt4&cid=CAASFeRo6srPzGLA_lYRo-7wISBRf8rAIw&rfl=2%2Chttps%253A%252F%252Fwww.celebrities.id%252F%240
Frame ID: 5DE13C1A4A8F467938F216882E7D988D
Requests: 15 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/7b77764a-6a10-4c05-bef5-64c62273dcc3?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=7b77764a-6a10-4c05-bef5-64c62273dcc3&type=re&loc=https%253A%2F%2Fwww.celebrities.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: E59BCB4D48EF521A01060DD05320D38D
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html
Frame ID: 7C830D266D669F06F0DB998DFA2D3597
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 932031CB7D6093434B214B6029A3178D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/331325/4933374390/1629357604197/index.html
Frame ID: 62A05A4475C8FAF8C90290730E966AC2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AC44F4B05A1A1E53085410B0BB25FD76
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9B223E8070973EDE67DF9BDEAFF00B8
Requests: 1 HTTP requests in this frame

Frame: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6D71FD1C3175FD1833A802E2700E4604
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
Frame ID: EFFE61111D5FFDE3AF8DF6AA2C32FB8B
Requests: 40 HTTP requests in this frame

Frame: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E0C09899DF60A4F1B9CB46CEC5128DEF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIY4ayKrgEwAQ&v=APEucNUTTVPSfHP6K3yfGpT9ASAq8Pi_jEkW0M22ba2LwyMqLUrABnEuf73DiuVMw2WUPXqFkJ7FiQqNgCjfu81CEQBZNCjE_g
Frame ID: 14765147F973762E44D6F09D46C578CF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Frame ID: DBFBE3C2A2F1C01DDB6D702DC934C143
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3FECFCE585BC365D3DDF25216985CAFA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E65C27141BE8E44554FF90D6F39C5509
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E1D266BFD604989422D7C94FF25B7A30
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAF0BB37D72BCB284764A374EF1B42F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E06817DC0F68A2209D998F56E8BEDD27
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86A5EF1135B5490581C544B38C6B3494
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berita Artis Indonesia, Hollywood, dan Bollywood Terbaru Hari Ini | Celebrities.id

Page URL History Show full URLs

http://www.celebrities.id/ HTTP 301
https://www.celebrities.id/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

332
Requests

99 %
HTTPS

65 %
IPv6

36
Domains

58
Subdomains

53
IPs

8
Countries

7524 kB
Transfer

13180 kB
Size

2
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.okezone.com/
Title: Okezone

Search URL Search Domain Scan URL

URL: https://sindonews.com/
Title: Sindonews

Search URL Search Domain Scan URL

URL: https://inews.id/
Title: iNews

Search URL Search Domain Scan URL

URL: https://www.idxchannel.com/
Title: IDX Channel

Search URL Search Domain Scan URL

URL: https://www.rctiplus.com/
Title: RCTI+

Search URL Search Domain Scan URL

URL: https://visionplus.id/
Title: Vision+

Search URL Search Domain Scan URL

URL: https://mnctrijaya.com/
Title: MNC Trijaya

Search URL Search Domain Scan URL

URL: https://www.roov.id/
Title: Roov

Search URL Search Domain Scan URL

URL: https://emshop.id/
Title: MNC Shop

Search URL Search Domain Scan URL

URL: https://thefthing.com/
Title: The F Thing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/celebrities.id

Search URL Search Domain Scan URL

URL: https://twitter.com/celebdotid

Search URL Search Domain Scan URL

URL: https://www.instagram.com/celebritiesdotid/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCl5kPeb6GB7JYs_jNXVj6hw

Search URL Search Domain Scan URL

URL: https://www.mncgroup.com/business-unit
Title: MNC Group Business

Search URL Search Domain Scan URL

URL: https://www.mncgroup-vp.com/en
Title: Profile MNC Group

Search URL Search Domain Scan URL

URL: https://www.mncpeduli.org/about
Title: MNC Peduli

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.celebrities.id/ HTTP 301
https://www.celebrities.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://sb.scorecardresearch.com/b?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&c7=https%3A%2F%2Fwww.celebrities.id%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&c7=https%3A%2F%2Fwww.celebrities.id%2F&c9=

Request Chain 113

https://visionplus.id/statics/app_logo.png HTTP 301
https://www.visionplus.id/statics/app_logo.png

Request Chain 128

https://sb.scorecardresearch.com/cs/9013027/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 146

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=https%3A%2F%2Fwww.celebrities.id%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=https%3A%2F%2Fwww.celebrities.id%2F

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1&C=1

Request Chain 202

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSyrnZdfMO53ys381hbfcQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1

Request Chain 287

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOZsOD8UwFKjvVcQ0vHikYQ&google_cver=1&google_push=AYg5qPIQg22xBjU4sxHwD7WrLAlLuyz4fcnB-QnZpkB7LEifp98byS9kzcjZF3Tu0epOpF1g1pVa_PGlFMPAoBu1YoyqPZQCHgMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1NjgyNjg1ODI3Nzk3NTc1Mg== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEG84ueCnh98ayD5UiwfZDZI&google_cver=1

Request Chain 289

https://a.tribalfusion.com/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 290

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEL5KieQbOM_1xcKAVuMWMP4&google_cver=1&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCwPPJ7gn-9wtvQiNWjazsWn7D9E9BWtj3Tg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCwPPJ7gn-9wtvQiNWjazsWn7D9E9BWtj3Tg&google_hm=QVMybHpLZVpJS1dfd19GUGQyMVZNcEE=

Request Chain 291

https://match.360yield.com/match/ebda?google_gid=CAESEBRsGUNeBx2tqrZT9ohozJU&google_cver=1&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-JihvfhIVw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBRsGUNeBx2tqrZT9ohozJU&google_cver=1&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-JihvfhIVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YsWy8p5_R_WsXVwGRiqOLw&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-JihvfhIVw

Request Chain 292

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPKh0SFE1Xsrq9J7a0djNAs&google_cver=1&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTwQz0-RhwcrLaUZoNWIxo2odHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTwQz0-RhwcrLaUZoNWIxo2odHA&google_hm=NjU1NDI2NjkzMDI2MTgzMzA5OA%3D%3D

Request Chain 320

https://sb.scorecardresearch.com/c2/9013027/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

332 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.celebrities.id/
Redirect Chain

http://www.celebrities.id/
https://www.celebrities.id/

56 KB
12 KB

1409ms
1387ms

Document
text/html

2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87f54a27defe2fce6522ab62e8eacc8a1c8e18d0210ed61650411f193232803

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.celebrities.id
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding User-Agent
expires: Mon, 30 Aug 2021 09:57:45 GMT
cache-control: max-age=0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
strict-transport-security: max-age=31536000; includeSubdomains;
x-served-by: MPI
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 686d28165a2d4303-FRA
content-encoding: br

Redirect headers

Date: Mon, 30 Aug 2021 09:57:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Aug 2021 10:57:44 GMT
Location: https://www.celebrities.id/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 686d28161ca95c50-FRA

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
625 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 08:49:24 GMT
server: ESF
date: Mon, 30 Aug 2021 09:57:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 09:57:45 GMT

GET
H2 200 materialize.min.css
www.celebrities.id/assets/dekstop/css/ 11 KB
3 KB 657ms
656ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/materialize.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28121ba48d6aef573b0ab9c0eb73c3d63250b1c98a3b10adb188dba9b41bc5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/materialize.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-2c4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a2c4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 base.min.css
www.celebrities.id/assets/dekstop/css/ 6 KB
2 KB 651ms
650ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/base.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16999b5ac31a53bf0ce2bcd42316113ee7c09404190ea4582512ec51477e4966

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/base.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Sat, 27 Feb 2021 03:02:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6039b645-1700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a2e4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 header.min.css
www.celebrities.id/assets/dekstop/css/ 9 KB
2 KB 676ms
675ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/header.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3114a61f0b8a8c410deb9fa4485cca447acfdc780220e875afd062137f7a3cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/header.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Fri, 26 Mar 2021 09:09:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605da4c2-25ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a304303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 body.min.css
www.celebrities.id/assets/dekstop/css/ 81 KB
13 KB 669ms
668ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/body.min.css?v=10

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1feb0419db2624bbc7272f0c0acc97ee84acb48c7e6d444a5f973fef67a0a181

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/body.min.css?v=10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Mon, 30 Aug 2021 03:54:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"612c5692-14483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a324303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 footer.min.css
www.celebrities.id/assets/dekstop/css/ 3 KB
943 B 696ms
695ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/footer.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16611b345bbc58d2c621e71f9ade0e93c34ad82b702202b4906f7e18309be6ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/footer.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Fri, 12 Mar 2021 13:56:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"604b72fd-c25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a334303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 font-awesome.min.css
www.celebrities.id/assets/dekstop/css/ 57 KB
12 KB 706ms
705ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2208aa582e5d35622541e1d651acc36f40837d1ef65fd581dc031ffd962229

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-e48a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a374303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 swiper.min.css
www.celebrities.id/assets/dekstop/css/ 13 KB
4 KB 699ms
698ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/swiper.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d099b0a366ac52985cb242a87dcea74b1493340e8be56ac72b76ba823f3d011e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/swiper.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Fri, 19 Mar 2021 10:26:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60547c65-3557"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d281f0a384303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 logo.png
www.celebrities.id/assets/dekstop/image/ 11 KB
11 KB 27ms
18ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/logo.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

527a5b41bd0b1439e40087f9912b527ab67e1d6aedd1f83206ad31ddde239a50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 324
cf-polished: origSize=15528, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 11039
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-3ca8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:52:22 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28238f714303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 master_707LZp5dS0_318_lulur_kunyit.jpg
img.celebrities.id/okz/800/OAV380/ 54 KB
54 KB 759ms
697ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/OAV380/master_707LZp5dS0_318_lulur_kunyit.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed0b74a265f1f388ac886c309e2ed816fa91f5b11c71887ff25e31160aa644d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=56157, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 55514
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Aug 2021 05:57:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d8494303-FRA
link: <http://img.celebrities.id/okz/800/OAV380/master_707LZp5dS0_318_lulur_kunyit.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg
img.celebrities.id/okz/800/G373PA/ 32 KB
33 KB 738ms
676ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/G373PA/master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a990956c0559ce3119e5167b1f3ce23383ebb8281f4aa66e74385aabb5a4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=33827, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 33076
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 07:45:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d84d4303-FRA
link: <http://img.celebrities.id/okz/800/G373PA/master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_P0154Qg7sW_1659_engkan_herikan.jpg
img.celebrities.id/okz/800/IxL356/ 55 KB
55 KB 745ms
683ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/IxL356/master_P0154Qg7sW_1659_engkan_herikan.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f85cb25fd27073a73550affd050eb97db90b8472d2c3ff7ec405c890876b37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=56595, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 55913
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 07:02:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d84b4303-FRA
link: <http://img.celebrities.id/okz/800/IxL356/master_P0154Qg7sW_1659_engkan_herikan.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG
img.celebrities.id/okz/800/8D2Wg9/ 40 KB
41 KB 735ms
674ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/8D2Wg9/master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff4c52d2af6ab3b4e6967562a79a5a3ef4c2f92043a23b8a55ad5125ac6aaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=42096, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 41467
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 06:15:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d8504303-FRA
link: <http://img.celebrities.id/okz/800/8D2Wg9/master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg
img.celebrities.id/okz/800/184PTv/ 43 KB
43 KB 1225ms
1190ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/184PTv/master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bc4d55f9e40b0e324502a79443dcbc026639adc7b4c2552160376cf733c119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 44086
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 04:39:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d84a4303-FRA
link: <http://img.celebrities.id/okz/800/184PTv/master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_9fwjZd5017_1979_inilah_infografis_profil_agnez_mo_yang_sukses_go_international_dan_meraih_banyak_penghargaan.jpeg
img.celebrities.id/okz/800/Yc52h5/ 175 KB
175 KB 691ms
690ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/Yc52h5/master_9fwjZd5017_1979_inilah_infografis_profil_agnez_mo_yang_sukses_go_international_dan_meraih_banyak_penghargaan.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78087ce5a74feea08ecbe04670f3c52b310df50fb6068ca061df4787097147bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=189496, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 179159
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 16:48:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d8524303-FRA
link: <http://img.celebrities.id/okz/800/Yc52h5/master_9fwjZd5017_1979_inilah_infografis_profil_agnez_mo_yang_sukses_go_international_dan_meraih_banyak_penghargaan.jpeg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_cPU0S393O9_1585_inilah_infografis_medina_zein_hobi_koleksi_tas_mewah.jpeg
img.celebrities.id/okz/800/g64Lb2/ 91 KB
91 KB 1014ms
1014ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/g64Lb2/master_cPU0S393O9_1585_inilah_infografis_medina_zein_hobi_koleksi_tas_mewah.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d73ebdc8c04ca18ab091dd2037d638c66e6572c401bc93fd66f6d4e5635ebb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 92708
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 16:31:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28281b0d4303-FRA
link: <http://img.celebrities.id/okz/800/g64Lb2/master_cPU0S393O9_1585_inilah_infografis_medina_zein_hobi_koleksi_tas_mewah.jpeg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_7pM111C1Tz_1971_inilah_infografis_tina_toon_digugat_rp10_miliar.jpeg
img.celebrities.id/okz/800/8TC69P/ 121 KB
122 KB 727ms
726ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/8TC69P/master_7pM111C1Tz_1971_inilah_infografis_tina_toon_digugat_rp10_miliar.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b52537ff5e7bf9d5bca3dc970504d564e9ff4f2452fa9276b2c53e83b09e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=130520, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 124051
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 14:58:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28281b1a4303-FRA
link: <http://img.celebrities.id/okz/800/8TC69P/master_7pM111C1Tz_1971_inilah_infografis_tina_toon_digugat_rp10_miliar.jpeg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_5K536rHhz3_464_inilah_infografis_netizen_korea_selatan_korsel_dan_china_desak_lucas_didepak_dari_wayv_dan_nct.jpeg
img.celebrities.id/okz/800/wc5L85/ 182 KB
183 KB 701ms
700ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/wc5L85/master_5K536rHhz3_464_inilah_infografis_netizen_korea_selatan_korsel_dan_china_desak_lucas_didepak_dari_wayv_dan_nct.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d70d60cb02044ea018840b8e1cb0cf364696310213d30e47889c73d5d3f675b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=195886, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 186284
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 14:45:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28282b374303-FRA
link: <http://img.celebrities.id/okz/800/wc5L85/master_5K536rHhz3_464_inilah_infografis_netizen_korea_selatan_korsel_dan_china_desak_lucas_didepak_dari_wayv_dan_nct.jpeg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_6T4qOc1d15_926_inilah_infografis_zahra_nur_khaulah_atau_ara_yang_dikeluarkan_dari_jkt48_akibat_langgar_golden_rules.jpeg
img.celebrities.id/okz/800/08W0gg/ 230 KB
231 KB 643ms
642ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/08W0gg/master_6T4qOc1d15_926_inilah_infografis_zahra_nur_khaulah_atau_ara_yang_dikeluarkan_dari_jkt48_akibat_langgar_golden_rules.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac8ab7f90ba98eb6d59983b09d5e01e30159a638e6d29128bdc04872890f5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=jpeg, origSize=276030
content-disposition: inline; filename="master_6T4qOc1d15_926_inilah_infografis_zahra_nur_khaulah_atau_ara_yang_dikeluarkan_dari_jkt48_akibat_langgar_golden_rules.webp"
vary: Accept
content-length: 235746
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Aug 2021 15:46:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28283b6e4303-FRA
link: <http://img.celebrities.id/okz/800/08W0gg/master_6T4qOc1d15_926_inilah_infografis_zahra_nur_khaulah_atau_ara_yang_dikeluarkan_dari_jkt48_akibat_langgar_golden_rules.jpeg>; rel="canonical"
cf-bgj: imgq:100,h2pri

GET
H2 200 master_2jCl36K0Y4_310_danang_da.jpg
img.celebrities.id/okz/800/3k1KV7/ 33 KB
34 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/3k1KV7/master_2jCl36K0Y4_310_danang_da.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac4bfde5635c1dd8367076d6e5d88a7206d841171e28a52435a0e48d9346236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 44
cf-polished: origSize=34893, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 34069
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:49:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2823d8514303-FRA
link: <http://img.celebrities.id/okz/800/3k1KV7/master_2jCl36K0Y4_310_danang_da.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_G69e7SN6E2_2145_penumpang_krl.jpg
img.celebrities.id/okz/800/85D4gB/ 41 KB
41 KB 18ms
18ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/85D4gB/master_G69e7SN6E2_2145_penumpang_krl.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a86453d40b43cc2b6c1c05e68a69d1bfd324a690ed353845928254395168a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 44
cf-polished: origSize=41914, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 41481
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:41:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28283b6f4303-FRA
link: <http://img.celebrities.id/okz/800/85D4gB/master_G69e7SN6E2_2145_penumpang_krl.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_S3y12Go69L_1854_robotkopi.jpg
img.celebrities.id/okz/800/Y3C66Y/ 18 KB
19 KB 705ms
704ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/Y3C66Y/master_S3y12Go69L_1854_robotkopi.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4425a1d0673859a098bbe515681147bdca5ed3062f98ba74bd7b372024098bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 34601
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 18816
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-pUstLk-MXK"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314738764
accept-ranges: bytes
cf-ray: 686d28285bbd4303-FRA
link: <http://img.celebrities.id/okz/800/Y3C66Y/master_S3y12Go69L_1854_robotkopi.jpg>; rel="canonical"
expires: Wed, 20 Aug 2031 12:16:19 GMT

GET
H2 200 master_6773qeTZo8_1568_roya_heydari.jpg
img.celebrities.id/okz/800/58Jz3K/ 42 KB
43 KB 19ms
16ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/58Jz3K/master_6773qeTZo8_1568_roya_heydari.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f74fd19d40d63cd84300374b85569977308c408d07971d63160c1a2c2f3a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45
cf-polished: origSize=43858, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 43151
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:43:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282b5ba34303-FRA
link: <http://img.celebrities.id/okz/800/58Jz3K/master_6773qeTZo8_1568_roya_heydari.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_p9JjJZ1996_723.jpg
img.celebrities.id/okz/800/S1F1t9/ 19 KB
19 KB 15ms
13ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/S1F1t9/master_p9JjJZ1996_723.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48c06082cb31ddfbd2638a6c5f78faa180a4a3fa355672137b5a6bc0a2d608c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45
cf-polished: origSize=20118, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 19055
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Apr 2021 03:18:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282b7be14303-FRA
link: <http://img.celebrities.id/okz/800/S1F1t9/master_p9JjJZ1996_723.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_o18G02q0LX_1092_sisca_kohl.jpg
img.celebrities.id/okz/800/1lH7Z7/ 31 KB
31 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/1lH7Z7/master_o18G02q0LX_1092_sisca_kohl.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2032cc9893f54975ce0116eaf05e77ba80e3c555a1015bd67ce83bbe97e016b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45
cf-polished: origSize=32506, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 31736
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:34:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282b8c104303-FRA
link: <http://img.celebrities.id/okz/800/1lH7Z7/master_o18G02q0LX_1092_sisca_kohl.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_542D9JQo0Q_1514.jpg
img.celebrities.id/okz/800/m122gm/ 9 KB
9 KB 662ms
661ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/m122gm/master_542D9JQo0Q_1514.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e170ad1f13066ae14d5ec30429a3be3940778a6dd975094320d240478b65198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 15110
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 9150
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-1-83uu8i0C"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314772258
accept-ranges: bytes
cf-ray: 686d282bac444303-FRA
link: <http://img.celebrities.id/okz/800/m122gm/master_542D9JQo0Q_1514.jpg>; rel="canonical"
expires: Thu, 21 Aug 2031 14:42:07 GMT

GET
H2 200 master_4YS2qk36u1_380_aurel_hermansyah_hamil_anak_perempuan.jpg
img.celebrities.id/okz/800/le870i/ 28 KB
29 KB 929ms
929ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/le870i/master_4YS2qk36u1_380_aurel_hermansyah_hamil_anak_perempuan.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18894931a6a8e57be3d62c9fbc2c563aa14b1e0a606574892e71b6c986557480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 29136
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:28:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282c6df44303-FRA
link: <http://img.celebrities.id/okz/800/le870i/master_4YS2qk36u1_380_aurel_hermansyah_hamil_anak_perempuan.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_Mz6V0q3j43_1921_gaya_jennifer_lopez_pakai_jubah_dolce_gabbana.jpg
img.celebrities.id/okz/800/o59e6J/ 50 KB
50 KB 731ms
730ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/o59e6J/master_Mz6V0q3j43_1921_gaya_jennifer_lopez_pakai_jubah_dolce_gabbana.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07143d40e4dbc6890e461d985eab15593ba37aa662d060963ab9ce76b233ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=51892, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 51152
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 07:02:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282c9e554303-FRA
link: <http://img.celebrities.id/okz/800/o59e6J/master_Mz6V0q3j43_1921_gaya_jennifer_lopez_pakai_jubah_dolce_gabbana.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_10EkRKT417_288_sekolah.jpg
img.celebrities.id/okz/800/86t6Gv/ 36 KB
36 KB 991ms
987ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/86t6Gv/master_10EkRKT417_288_sekolah.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6616a314f5b3069586a85f0c553bf24f1717e168b55b790fe69ca52e4a96520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 195333
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 36846
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-JjnVNWHlz7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314907287
accept-ranges: bytes
cf-ray: 686d282ccebf4303-FRA
link: <http://img.celebrities.id/okz/800/86t6Gv/master_10EkRKT417_288_sekolah.jpg>; rel="canonical"
expires: Sat, 23 Aug 2031 04:12:36 GMT

GET
H2 200 master_x8721KUX0u_506_pesepakbola_muslim.jpg
img.celebrities.id/okz/800/z3Q7d3/ 35 KB
36 KB 1063ms
1062ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/z3Q7d3/master_x8721KUX0u_506_pesepakbola_muslim.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b640745fbcafad5568d185b436f7b094396b41bde381b8902568249e970fbeee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 36139
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 12:29:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d282ccec24303-FRA
link: <http://img.celebrities.id/okz/800/z3Q7d3/master_x8721KUX0u_506_pesepakbola_muslim.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_J9M5r1P4O8_2104_david_noah.jpg
img.celebrities.id/okz/800/Bwv642/ 12 KB
12 KB 874ms
873ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/Bwv642/master_J9M5r1P4O8_2104_david_noah.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de892c1c47ad0c87b7e7f667feca457d4a79f81455cd8ac5221faf47f5fa5391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 25792
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 12490
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-0bXva89jVb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314641259
accept-ranges: bytes
cf-ray: 686d282fce5f4303-FRA
link: <http://img.celebrities.id/okz/800/Bwv642/master_J9M5r1P4O8_2104_david_noah.jpg>; rel="canonical"
expires: Wed, 20 Aug 2031 02:18:48 GMT

GET
H2 200 master_JlRY5b4560_2024_instagram_kembangkan_fitur_terbaru.JPG
img.celebrities.id/okz/800/78amT6/ 18 KB
18 KB 737ms
734ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/78amT6/master_JlRY5b4560_2024_instagram_kembangkan_fitur_terbaru.JPG

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dfdb3dcf041889201221787e2d829bfbcb2c16ef58f5ef624689302aa0d9462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=19001, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 18349
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:22:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2830b8b84303-FRA
link: <http://img.celebrities.id/okz/800/78amT6/master_JlRY5b4560_2024_instagram_kembangkan_fitur_terbaru.JPG>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_Xf60O1Xz64_356_jangan_gusar_kalau_punya_pasangan_genit.jpg
img.celebrities.id/okz/800/MPL589/ 43 KB
43 KB 653ms
653ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/MPL589/master_Xf60O1Xz64_356_jangan_gusar_kalau_punya_pasangan_genit.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dee1b91d9349b743141fa228783f87e02fc2be7996251972f1813788d799482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=44756, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 44116
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:18:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283129da4303-FRA
link: <http://img.celebrities.id/okz/800/MPL589/master_Xf60O1Xz64_356_jangan_gusar_kalau_punya_pasangan_genit.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_u5340HV3vh_1009_film_radhe_shyam_rilis_poster_terbaru.jpg
img.celebrities.id/okz/800/3qe68Z/ 47 KB
47 KB 786ms
782ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/3qe68Z/master_u5340HV3vh_1009_film_radhe_shyam_rilis_poster_terbaru.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fe91a234bf12d1d3bfdac5b49bd9669525bb5486769f0246fc79a6a93df70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=48110, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 47816
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:13:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28324cea4303-FRA
link: <http://img.celebrities.id/okz/800/3qe68Z/master_u5340HV3vh_1009_film_radhe_shyam_rilis_poster_terbaru.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_S8s4qK33F1_204_viral_makan_diluar.jpg
img.celebrities.id/okz/800/v7J31q/ 37 KB
37 KB 675ms
674ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/v7J31q/master_S8s4qK33F1_204_viral_makan_diluar.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee15f832f81926fff08ddd9e9b777047cdcb25238cabb39905e717ff97d3395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=38119, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 37509
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d2832feb74303-FRA
link: <http://img.celebrities.id/okz/800/v7J31q/master_S8s4qK33F1_204_viral_makan_diluar.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_41t12goW4f_674_shin_min_ah.jpg
img.celebrities.id/okz/800/z258lc/ 33 KB
33 KB 661ms
660ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/z258lc/master_41t12goW4f_674_shin_min_ah.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7819c64cb4abaf9e6a00cad4bcd80ec76241ac96e709f7ae85c1fbcbdc64c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=34702, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 33696
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:10:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283368544303-FRA
link: <http://img.celebrities.id/okz/800/z258lc/master_41t12goW4f_674_shin_min_ah.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_pt40I37Ct5_2055_david_noah.jpg
img.celebrities.id/okz/800/8eUt32/ 30 KB
30 KB 813ms
813ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/8eUt32/master_pt40I37Ct5_2055_david_noah.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295fcbd1064ce4bb952dad41d6f4587106396e28efeff9da70ee82270cc04eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 30893
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Aug 2021 08:49:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-ajvB7w3d5n"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28353d144303-FRA
link: <http://img.celebrities.id/okz/800/8eUt32/master_pt40I37Ct5_2055_david_noah.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-streaming.png
www.celebrities.id/assets/dekstop/image/ 26 KB
26 KB 652ms
651ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/widget-streaming.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e458f8c82e2df08ddc3ef7058ba420a244df4d799fc624bb395d36969941ccfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/widget-streaming.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=26500, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 26464
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Thu, 15 Jul 2021 03:40:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60efae40-6784"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:46 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282408ca4303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 RCTI.png
www.celebrities.id/assets/dekstop/image/ 4 KB
4 KB 707ms
707ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/RCTI.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ff5a99b881a72f25dc80a7e9096736288c5eece39b50349cffed0857405fc87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/RCTI.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=3694, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 3639
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 14 Jul 2021 10:56:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60eec2fb-e6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:46 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282408d44303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 MNC.png
www.celebrities.id/assets/dekstop/image/ 2 KB
2 KB 729ms
729ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/MNC.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f62706fc2e526effcb392237354c44eeb6445468e39fcf8524fad5923ce04e35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/MNC.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=2312, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 2311
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 14 Jul 2021 10:56:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60eec2fb-908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:46 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282408d24303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 GTV.png
www.celebrities.id/assets/dekstop/image/ 5 KB
6 KB 664ms
663ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/GTV.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6e812cc651e24c39e2d6f73c0cdeceddffe9f3b285e6cd25ed820104bf3bee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/GTV.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: User-Agent, Accept-Encoding
content-length: 5208
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 14 Jul 2021 10:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60eec2fc-1458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282408d34303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 iNews.png
www.celebrities.id/assets/dekstop/image/ 4 KB
4 KB 680ms
679ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/iNews.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363c3bc1ac19ffc068c4dba32517a4a40cabfd704270b42fc9283f10bba3c269

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/iNews.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: User-Agent, Accept-Encoding
content-length: 3964
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 14 Jul 2021 10:57:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60eec2fc-f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282408ce4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 sinetron-ikatan-cinta-tembus-rating-tinggi-arya-sa.png
www.celebrities.id/assets/dekstop/image/ 178 KB
178 KB 1617ms
1616ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/sinetron-ikatan-cinta-tembus-rating-tinggi-arya-sa.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17cdf4aa92406d8526415ad620b80f4630d036a13438a28754bd5f60be01ac82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/sinetron-ikatan-cinta-tembus-rating-tinggi-arya-sa.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: User-Agent, Accept-Encoding
content-length: 182149
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Tue, 27 Apr 2021 08:51:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6087d07b-2c785"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28281b084303-FRA
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 mediaquery-HDPI.min.css
www.celebrities.id/assets/dekstop/css/ 12 B
212 B 699ms
696ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/mediaquery-HDPI.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788716458f3ebb8c72175fbb536313d1c63fe4253b7ffe17b18309d660053bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/mediaquery-HDPI.min.css
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 12
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d2831ab0f4303-FRA
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 mediaquery-MDPI.min.css
www.celebrities.id/assets/dekstop/css/ 12 B
76 B 739ms
727ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/mediaquery-MDPI.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788716458f3ebb8c72175fbb536313d1c63fe4253b7ffe17b18309d660053bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/mediaquery-MDPI.min.css
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 12
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28324cec4303-FRA
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 mediaquery-SDPI.min.css
www.celebrities.id/assets/dekstop/css/ 12 B
505 B 696ms
696ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/mediaquery-SDPI.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788716458f3ebb8c72175fbb536313d1c63fe4253b7ffe17b18309d660053bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/mediaquery-SDPI.min.css
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 12
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28358dbd4303-FRA
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 mediaquery-mobile.min.css
www.celebrities.id/assets/dekstop/css/ 12 B
95 B 678ms
674ms Stylesheet
text/css 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/css/mediaquery-mobile.min.css

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788716458f3ebb8c72175fbb536313d1c63fe4253b7ffe17b18309d660053bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/css/mediaquery-mobile.min.css
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 12
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28360f4b4303-FRA
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 master_109Ih5g3Dh_2192_ikatan_cinta.jpeg
img.celebrities.id/okz/800/06ds2u/ 47 KB
47 KB 647ms
647ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/06ds2u/master_109Ih5g3Dh_2192_ikatan_cinta.jpeg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4475283f8579db9c45fda75116c0de1fff190cd7af01f3ad1541c0ca4e1b4259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=48452, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 47837
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 06:23:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28354d194303-FRA
link: <http://img.celebrities.id/okz/800/06ds2u/master_109Ih5g3Dh_2192_ikatan_cinta.jpeg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_LI93z3L49N_593_ikatan_cinta.jpg
img.celebrities.id/okz/800/5Ow00l/ 35 KB
35 KB 692ms
692ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/5Ow00l/master_LI93z3L49N_593_ikatan_cinta.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43825f37f7e40683ee445d67694a9da47013b9d36e40d8c8d2db7a2518fd6930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=36164, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 35462
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 16:12:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28354d2d4303-FRA
link: <http://img.celebrities.id/okz/800/5Ow00l/master_LI93z3L49N_593_ikatan_cinta.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_U774fz8if9_460_ikatan_cinta.jpg
img.celebrities.id/okz/800/XrF419/ 44 KB
44 KB 699ms
698ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/XrF419/master_U774fz8if9_460_ikatan_cinta.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ed5869ca71844a2d3c1fda1b1f703c6ca01253045c4f884e73a447890667d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=45455, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 44758
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Aug 2021 15:05:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28372a584303-FRA
link: <http://img.celebrities.id/okz/800/XrF419/master_U774fz8if9_460_ikatan_cinta.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_50OT8B47Ms_618_deddy_corbuzier.jpg
img.celebrities.id/okz/800/4r57cf/ 26 KB
26 KB 699ms
699ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/4r57cf/master_50OT8B47Ms_618_deddy_corbuzier.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d0fdf19a843ade02b57a836592c64b21468db1d8851e40eb234761ae3eeb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 43435
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 26198
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-qp_AFrMJdA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314791275
accept-ranges: bytes
cf-ray: 686d28372a5a4303-FRA
link: <http://img.celebrities.id/okz/800/4r57cf/master_50OT8B47Ms_618_deddy_corbuzier.jpg>; rel="canonical"
expires: Wed, 20 Aug 2031 11:44:32 GMT

GET
H2 200 master_Eg1121LR1w_1378_agnez_mo.jpg
img.celebrities.id/okz/800/g31Hz4/ 58 KB
58 KB 645ms
644ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/g31Hz4/master_Eg1121LR1w_1378_agnez_mo.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee45bdbda623e1673c5e6a21a6a7104725ca0b276fbfa98215a2d21b882805e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=59360, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 58949
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Aug 2021 16:08:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28379b484303-FRA
link: <http://img.celebrities.id/okz/800/g31Hz4/master_Eg1121LR1w_1378_agnez_mo.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_Rg47C3df04_1821_nadya.jpg
img.celebrities.id/okz/800/4fA47r/ 41 KB
42 KB 704ms
702ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/4fA47r/master_Rg47C3df04_1821_nadya.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a27a31d2cbfa962fdccb0db1257640f51171b98501f0fe7cf99381929eec42ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=43104, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 42374
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Aug 2021 15:35:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28395fcd4303-FRA
link: <http://img.celebrities.id/okz/800/4fA47r/master_Rg47C3df04_1821_nadya.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_U7hP2920Wp_2042_teuku_ryan.jpg
img.celebrities.id/okz/800/03W1KL/ 21 KB
21 KB 713ms
712ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/03W1KL/master_U7hP2920Wp_2042_teuku_ryan.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d05900f5e3057d44472fa0c73de38b01e40d0de24f5c6ecba28290e8b01f917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-original-content-length: 41707
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 21094
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-9UKP9k9lv4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=315212219
accept-ranges: bytes
cf-ray: 686d2839a8b14303-FRA
link: <http://img.celebrities.id/okz/800/03W1KL/master_U7hP2920Wp_2042_teuku_ryan.jpg>; rel="canonical"
expires: Mon, 25 Aug 2031 17:25:42 GMT

GET
H2 200 icon_video.png
www.celebrities.id/assets/dekstop/image/ 424 B
538 B 736ms
735ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_video.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2095f3023e5c8717fec24d0fc044e435d1ad077544a00f5d4194085b17a56b27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_video.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=616, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 424
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-268"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:47 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28282b3a4303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_play_tr.png
www.celebrities.id/assets/dekstop/image/ 716 B
937 B 702ms
700ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_play_tr.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bcb70d8bc4cb5df38f0bcfc485d581fab8ba56feca667cdfa7c057a624f568

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_play_tr.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=1511, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 716
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-5e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:47 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28283b6b4303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 master_80S6z9ifl1_2116_judika_duma_riris.jpg
img.celebrities.id/okz/800/APP867/ 38 KB
39 KB 1069ms
1069ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/APP867/master_80S6z9ifl1_2116_judika_duma_riris.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

527fdef4dcd3453f15bc932c77af3aa9716be82565e7fb34178376527fef0637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 39348
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 09:06:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283a5ab74303-FRA
link: <http://img.celebrities.id/okz/800/APP867/master_80S6z9ifl1_2116_judika_duma_riris.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_camera.png
www.celebrities.id/assets/dekstop/image/ 483 B
1 KB 662ms
662ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_camera.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923801d97fecf4aa132dfb062d44b8c4757038e16aceb803a373af4a2c82d2ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_camera.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=752, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 483
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:47 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28284b794303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 master_4J8v0Xx6r9_661_seniman_tato_asal_brasil.jpg
img.celebrities.id/okz/800/3G82Cs/ 49 KB
49 KB 1186ms
1185ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/3G82Cs/master_4J8v0Xx6r9_661_seniman_tato_asal_brasil.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb9a7caf90e08afe1af99f3998a36830f3e5748be0cd6278d4543683ec53129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 49792
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 08:56:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283b9dd34303-FRA
link: <http://img.celebrities.id/okz/800/3G82Cs/master_4J8v0Xx6r9_661_seniman_tato_asal_brasil.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_camera_tr.png
www.celebrities.id/assets/dekstop/image/ 842 B
957 B 690ms
690ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_camera_tr.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d7c12506153bc4ddaaadb96bca0e8fb9b94e30ed605fd3ee636cbefcc039db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_camera_tr.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=1474, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 842
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-5c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:47 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28286be94303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 master_Wg28T93LD2_2086_sdn_cipinang_melayu_08.jpg
img.celebrities.id/okz/800/723sHb/ 67 KB
67 KB 705ms
704ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/723sHb/master_Wg28T93LD2_2086_sdn_cipinang_melayu_08.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00837ac2548b0490ce3c9074494590017ddd282318a842780b90050e1743335d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=69280, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 68722
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 06:09:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283b9dd74303-FRA
link: <http://img.celebrities.id/okz/800/723sHb/master_Wg28T93LD2_2086_sdn_cipinang_melayu_08.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_7G495UFLW5_1042_executive_chairwoman_mnc_group_liliana_tanoesoedibjo_menyerahkan_penghargaan_kepada_jesselyn_lauwreen.jpg
img.celebrities.id/okz/800/93A6WF/ 46 KB
46 KB 745ms
745ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/93A6WF/master_7G495UFLW5_1042_executive_chairwoman_mnc_group_liliana_tanoesoedibjo_menyerahkan_penghargaan_kepada_jesselyn_lauwreen.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ed1693e453fde2f1b355d808bc61307c6041ac03a5faaf5ce6a70673f608d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=47844, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 47127
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 04:10:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283b9dea4303-FRA
link: <http://img.celebrities.id/okz/800/93A6WF/master_7G495UFLW5_1042_executive_chairwoman_mnc_group_liliana_tanoesoedibjo_menyerahkan_penghargaan_kepada_jesselyn_lauwreen.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_footer.png
www.celebrities.id/assets/dekstop/image/ 5 KB
5 KB 716ms
715ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/logo_footer.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1d677e8dcb3c1d100f159f73a193735452747f1d223e4e585b8e0eb71a29da5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/logo_footer.png
pragma: no-cache
cookie: __asc=2644eb4717b967e536c31f3f16f; __auc=2644eb4717b967e536c31f3f16f; _gid=GA1.2.1232049928.1630317466; _gat_UA-191911166-1=1; _ga_8C4W0ZLTTR=GS1.1.1630317466.1.0.1630317466.0; _ga=GA1.1.1829247102.1630317466
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=6507, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 4615
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-196b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:47 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d2828dce54303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_facebook.png
www.celebrities.id/assets/dekstop/image/ 358 B
522 B 681ms
680ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_facebook.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d812918a9d3e46c217aeeb6538fb49254936f1fa375f1f81d26f2ba593d15706

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_facebook.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=509, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 358
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-1fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:48 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282c6df24303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_instagram.png
www.celebrities.id/assets/dekstop/image/ 633 B
747 B 687ms
686ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_instagram.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c42593cbeeb3520a5446bd1a3505afd2c4b600bf3644acf99706a9ccd136b47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_instagram.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=1031, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 633
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-407"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:48 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282cae674303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_youtube.png
www.celebrities.id/assets/dekstop/image/ 374 B
487 B 664ms
662ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_youtube.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bade0190d86b508a2ca2d55dbb6657b8804b176455ed9534d8c6319b84b0b883

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_youtube.png
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=530, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 374
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-212"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:48 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282ccec14303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon_twitter.png
www.celebrities.id/assets/dekstop/image/ 524 B
1 KB 677ms
647ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/icon_twitter.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d76bb30b11a82a9f8a9038935266c3df95175948d4a8fbb8005a978d902fa84e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/icon_twitter.png
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=726, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 524
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-2d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:48 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d282d88a24303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 to-top.png
www.celebrities.id/assets/dekstop/image/ 359 B
975 B 731ms
722ms Image
image/png 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebrities.id/assets/dekstop/image/to-top.png

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf120d075610ffee44ca86c8a1cf8bb04d5ccea626469006dfa3487f1b3619bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/image/to-top.png
pragma: no-cache
cookie: __gads=ID=263368a6cd7b49bf-22f15422dac80033:T=1630317467:S=ALNI_MaApmIKIo-FUleAcq90hPGHsk94jg
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=616, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 359
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 10 Mar 2021 12:11:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6048b75d-268"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
expires: Mon, 30 Aug 2021 09:57:48 GMT
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d2830f96e4303-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 jquery-3.5.1.min.js Show response
www.celebrities.id/assets/dekstop/js/ 87 KB
31 KB 712ms
712ms Script
application/javascript 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/js/jquery-3.5.1.min.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/js/jquery-3.5.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d28236f094303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 sweetalert.min.js Show response
www.celebrities.id/assets/dekstop/js/ 40 KB
13 KB 661ms
660ms Script
application/javascript 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/js/sweetalert.min.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/js/sweetalert.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d28237f264303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 materialize.min.js Show response
www.celebrities.id/assets/dekstop/js/ 177 KB
43 KB 685ms
675ms Script
application/javascript 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/js/materialize.min.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/js/materialize.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-2c375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d28238f6a4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 swiper.min.js Show response
www.celebrities.id/assets/dekstop/js/ 137 KB
36 KB 710ms
700ms Script
application/javascript 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/js/swiper.min.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/js/swiper.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602ce474-22208"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d28238f6c4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 script.js Show response
www.celebrities.id/assets/dekstop/js/ 18 KB
5 KB 758ms
748ms Script
application/javascript 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/js/script.js?v=02

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd004066786d6cb7bb4bb656d9aa1ab97e029ce72673a83e498bf8bc83fb5ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/js/script.js?v=02
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebrities.id
referer: https://www.celebrities.id/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding User-Agent
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Fri, 27 Aug 2021 10:57:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6128c522-46c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
cf-ray: 686d28238f6f4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 260ms
28ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

7118225afa4389897e720dbd6c7e051ae0ca3a02a6f282038a396752efc1803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "973 / 470 of 1000 / last-modified: 1630313496"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25212
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKWHPTT

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b282e38efcf6da08c218496dfe702bdc57694feb8304ec48d022c5a8a7fd4a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54066
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 242ms
12ms Script
application/javascript 13.224.93.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-123.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 10770619
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: ULwwTp3gtU27TPgVMLNDaSMrviHVU7SzLF6wdRW61g58QWV2SmCAww==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 41ms
12ms Script
application/javascript 13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:46:53 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 653
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZM9D-VXqOhThff3YLSxL3ld8jZkBnIqCYvoxe7ngxwucQJ61VgfS9w==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.celebrities.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:41:05 GMT
x-content-type-options: nosniff
age: 379001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 00:41:05 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.celebrities.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 22:39:47 GMT
x-content-type-options: nosniff
age: 386279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 22:39:47 GMT

GET
H2 200 fa-solid-900.woff2
www.celebrities.id/assets/dekstop/font/ 78 KB
78 KB 664ms
663ms Font
font/woff2 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/font/fa-solid-900.woff2

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/font/fa-solid-900.woff2
pragma: no-cache
origin: https://www.celebrities.id
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.celebrities.id
referer: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.celebrities.id
Referer: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 79444
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-13654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28239f7f4303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 fa-brands-400.woff2
www.celebrities.id/assets/dekstop/font/ 75 KB
75 KB 683ms
683ms Font
font/woff2 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebrities.id/assets/dekstop/font/fa-brands-400.woff2

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/dekstop/font/fa-brands-400.woff2
pragma: no-cache
origin: https://www.celebrities.id
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.celebrities.id
referer: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.celebrities.id
Referer: https://www.celebrities.id/assets/dekstop/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: User-Agent, Accept-Encoding
content-length: 76612
x-xss-protection: 1; mode=block
x-served-by: MPI
last-modified: Wed, 17 Feb 2021 09:40:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "602ce474-12b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=1800
content-security-policy: frame-ancestors *.celebrities.id *.mnctv.com *.okezone.com *.sindonews.com *.inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com *.mncgroup.com *.mnctrijaya.com mnctrijaya.com *.gtv.id *.jobsmnc.co.id mnc-insurance.com *.mnclife.com *.sin.do dashboard.vidy.com vidy//-
accept-ranges: bytes
cf-ray: 686d28239f804303-FRA
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Origin: https://www.celebrities.id
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3-29 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.celebrities.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 20:24:35 GMT
x-content-type-options: nosniff
age: 135191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 20:24:35 GMT

GET
H2 200 news Show response
www.rctiplus.com/idx/ Frame 1456 10 KB
4 KB 673ms
609ms Document
text/html 47.246.43.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rctiplus.com/idx/news
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.227 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / Dark Phoenix
Resource Hash: ed179e4eadae3b2d0cdcb0a71de08f0a0a222e233bf9ffd07195ab00bf3198f4

Request headers

:method: GET
:authority: www.rctiplus.com
:scheme: https
:path: /idx/news
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

server: Tengine
content-type: text/html; charset=UTF-8
date: Mon, 30 Aug 2021 09:57:46 GMT
vary: Accept-Encoding User-Agent
cache-control: no-cache, private
x-robots-tag: noindex
x-powered-by: Dark Phoenix
set-cookie: XSRF-TOKEN=eyJpdiI6ImdWcEUzVncvNVZ0ckF2eHFwbE9ZcFE9PSIsInZhbHVlIjoicDVYMjNUekZTT1pKV3pKMVZzVnVSUXVEZk1zOHZpWTNQcXJWZENvdkpCb1dHNEdxcUN2QnRhYTNmNyt3aU1JNkVObWRodDJ0dUhXOXR1TTZaTWZFT0JLSTFnRTNSTW1FM2hlM0VHa0NnT3ViYWNLVUNMWjJHa0N1ZDcvTmRrUkUiLCJtYWMiOiJmYTBiZTlkOGRjYzZhYTA0ZDU4OGZjY2UzNjBiMGNlNGRjYTJjNDk4YmI1ZjUxZDk1Nzc4NmJiNmYyYWY0ODk1In0%3D; expires=Mon, 30-Aug-2021 11:57:46 GMT; Max-Age=7200; path=/; samesite=lax amp_rcti_session=eyJpdiI6InBEZWNHWVJJcWgwWm9RUVpJNHcxS2c9PSIsInZhbHVlIjoiQzFDTUMwSDdqK1gwMFpHaHRGRWxySnlzNVRIZUFCWjFpTVp2bmtRMjBaVitQZlVMYzh2cHVVeE8xUEt1TlppYU1ReDZtS2VJS0lpSXBTUU5NVVliNHliOVo4T3NUMUkwOHRoVDdKUmFUZG5zVXBML25oNWJpM1ZNYjNqcGpUTm0iLCJtYWMiOiJlY2YwZjYxNWNkYWQzYTMxMDJkNmJlYzZlMGE0NjNlNmI2MDUwMzk3MzliYzU4MTkxMGRkMzg1MzNjYmQ2MTUzIn0%3D; expires=Mon, 30-Aug-2021 11:57:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax
access-control-allow-origin: *
content-encoding: gzip
ali-swift-global-savetime: 1630317467
via: cache20.l2ot7-1[416,416,200-0,M], cache4.l2ot7-1[418,0], cache4.l2ot7-1[418,0], cache8.de2[587,587,200-0,M], cache3.de2[590,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 30 Aug 2021 09:57:47 GMT
x-swift-cachetime: 0
timing-allow-origin: *
eagleid: 2ff62b9716303174664844625e

GET
H2 200 widget-dark.html Show response
www.visionplus.id/watch/video/ Frame C6EB 20 KB
5 KB 661ms
243ms Document
text/html 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: f63cabcb5869261342ac88493984878cedeada45bdc44b9c8b6ff43cf12aa675

Request headers

:method: GET
:authority: www.visionplus.id
:scheme: https
:path: /watch/video/widget-dark.html?fr=cb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

server: nginx
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Mon, 30 Aug 2021 09:57:46 GMT
x-page-speed: Powered By Visionplus
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&...
https://sb.scorecardresearch.com/b2?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id...

64 B
329 B

20ms
20ms

Image
image/gif

13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&c7=https%3A%2F%2Fwww.celebrities.id%2F&c9=
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: H0UT7G8ZrtOR2d7eaoT71R6-oJsOSXQs_BE-mfp2E50Xe5cX0q0QHg==

Redirect headers

date: Mon, 30 Aug 2021 09:57:46 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=%23&ns__t=1630317466448&ns_c=UTF-8&cv=3.5&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&c7=https%3A%2F%2Fwww.celebrities.id%2F&c9=
content-length: 262
x-amz-cf-id: tMFDfn0MoC_LUP-jegO1OjGaSzW5bTev1kwffGY0s8g2oWggB7mc5Q==

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
51 KB 42ms
39ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8C4W0ZLTTR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKWHPTT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dc4844afd53b83d55ac46c02d2ce1bcd5324d2e4c406be4c7a44b2d70b59c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51813
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKWHPTT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1527
date: Mon, 30 Aug 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 30 Aug 2021 11:32:19 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 26ms
26ms Image
text/plain 13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9013027&ns__t=1630317466469&ns_c=UTF-8&c8=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&c7=https%3A%2F%2Fwww.celebrities.id%2F&c9=
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: uDM_nX9jl8Knv52YGtA8HBSo6sehS0FYRms3HTijsorAHQ7Ip1l08g==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 39ms
11ms Image
image/gif 13.224.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&time=1630317466476&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.celebrities.id%2F&random_number=7655761014&sess_cookie=2644eb4717b967e536c31f3f16f&sess_cookie_flag=1&user_cookie=2644eb4717b967e536c31f3f16f&user_cookie_flag=1&dynamic=true&domain=celebrities.id&account=
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-26.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 03:30:13 GMT
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 23254
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: wO7pRLj47Nw4Z0h3lmY9Ws_EnWJhwklQH-MSVgyJ890088jNCe7OTg==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 295ms
97ms Image
text/plain 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
server: Server

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1195920326&t=pageview&_s=1&dl=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2082706161&gjid=400334425&cid=1829247102.1630317466&tid=UA-191911166-1&_gid=1232049928.1630317466&_r=1&gtm=2wg8p0WKWHPTT&cd1=null&cd2=null&cd3=null&cd4=null&cd5=null&cd6=null&cd7=null&cd8=null&cd9=null&cd10=null&cd11=null&cd13=GTM-WKWHPTT&cd14=1630317466471.23pyund&cd16=2021-08-30T11%3A57%3A46.471%2B02%3A00&cd15=1829247102.1630317466&z=558171479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.celebrities.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-191911166-1&cid=1829247102.1630317466&jid=2082706161&gjid=400334425&_gid=1232049928.1630317466&_u=YEBAAEAAAAAAAC~&z=932519352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Aug 2021 09:57:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.celebrities.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8C4W0ZLTTR&gtm=2oe8p0&_p=1195920326&sr=1600x1200&ul=en-us&cid=1829247102.1630317466&_s=1&dl=https%3A%2F%2Fwww.celebrities.id%2F&dt=Berita%20Artis%20Indonesia%2C%20Hollywood%2C%20dan%20Bollywood%20Terbaru%20Hari%20Ini%20%7C%20Celebrities.id&sid=1630317466&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C4W0ZLTTR&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.celebrities.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-191911166-1&cid=1829247102.1630317466&jid=2082706161&_u=YEBAAEAAAAAAAC~&z=440499316

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-191911166-1&cid=1829247102.1630317466&jid=2082706161&_u=YEBAAEAAAAAAAC~&z=440499316

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ 331 KB
116 KB 75ms
49ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 171 B
141 B 76ms
48ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.celebrities.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

8928d4579251bfbba084fa9a26fbd220df1f1eb54a44e27d5cee506aec1ed017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 master_707LZp5dS0_318_lulur_kunyit.jpg
img.celebrities.id/okz/900/OAV380/ 39 KB
39 KB 1078ms
1077ms Image
image/webp 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/900/OAV380/master_707LZp5dS0_318_lulur_kunyit.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca33eaaf6e5f4e943930a162e36d0efeefaa14b1aaddaf9b258416208b55deb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 66613
vary: User-Agent,Save-Data, Accept-Encoding
content-length: 39452
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-4W7cbfcviZ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/webp
cache-control: max-age=314656784
accept-ranges: bytes
cf-ray: 686d283dbc624303-FRA
link: <http://img.celebrities.id/okz/900/OAV380/master_707LZp5dS0_318_lulur_kunyit.jpg>; rel="canonical"
expires: Wed, 20 Aug 2031 06:37:35 GMT

GET
H2 200 master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg
img.celebrities.id/okz/900/G373PA/ 39 KB
39 KB 1120ms
1119ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/900/G373PA/master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

383c76994b3c50b0596858a668f987c6aecef5ac739636f504d8bfe26be8f42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 39552
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 07:45:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283e1d404303-FRA
link: <http://img.celebrities.id/okz/900/G373PA/master_00cqBh88q0_1021_mayang_yudittia_pakai_baju_pengantin.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_P0154Qg7sW_1659_engkan_herikan.jpg
img.celebrities.id/okz/900/IxL356/ 67 KB
67 KB 1830ms
1829ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/900/IxL356/master_P0154Qg7sW_1659_engkan_herikan.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc040dd20b4b22dd9ca908491ae1298bdbcb48ad17bbdc73029a1741b0bee78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 68826
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 07:02:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d283ffa174303-FRA
link: <http://img.celebrities.id/okz/900/IxL356/master_P0154Qg7sW_1659_engkan_herikan.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG
img.celebrities.id/okz/900/8D2Wg9/ 49 KB
49 KB 1168ms
1166ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/900/8D2Wg9/master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a8c8101d6f5c8dda35df74d73975a423d27cf01a4ca1939c794f2be446f609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
content-length: 50004
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 06:15:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28404b014303-FRA
link: <http://img.celebrities.id/okz/900/8D2Wg9/master_No9K18rj53_1910_bocoran_ikatan_cinta_30_agustus_2021.JPG>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg
img.celebrities.id/okz/900/184PTv/ 50 KB
50 KB 686ms
685ms Image
image/jpeg 2606:4700:10::6816:21af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/900/184PTv/master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e9fa6f89f27bf0c7873b646e795c101552b7784759b7093390246dced5f627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:51 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=52083, status=webp_bigger
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 51322
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Aug 2021 04:39:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 686d28410d4b4303-FRA
link: <http://img.celebrities.id/okz/900/184PTv/master_7195U1DhJi_563_heboh_chef_juna_pamit_dari_masterchef_indonesia.jpg>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
853 B 50ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.celebrities.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebrities.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
26 KB 379ms
378ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3214022336821162&correlator=105209702043143&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210830&iu_parts=7108725%2CDesktop-Home-Billboard%2CDesktop-Home-Rectangle1%2CDesktop-Home-Rectangle2%2CDesktop-Home-Rectangle3%2CDesktop-Home-StreamAd1%2CDesktop-Home-StreamAd2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x90%2C300x250%2C300x250%2C300x250%2C468x60%7C507x146%2C468x60%7C507x146&prev_scp=Celebrities%3DWP%7CCelebrities%3DWP%7CCelebrities%3DWP%7CCelebrities%3DWP%7CCelebrities%3DWP%7CCelebrities%3DWP&cookie_enabled=1&bc=31&abxe=1&lmt=1630317467&dt=1630317467134&dlt=1630317465443&idt=1620&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1130%2C1130%2C1130%2C170%2C170&adys=274%2C892%2C924%2C2518%2C2221%2C2816&adks=341882445%2C2214607045%2C1089344311%2C711141615%2C1404012705%2C3913004324&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.celebrities.id%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0%7C300x0%7C300x0%7C932x0%7C932x0&msz=1600x0%7C300x0%7C300x0%7C300x0%7C932x0%7C932x0&ga_vid=1829247102.1630317466&ga_sid=1630317467&ga_hid=1195920326&ga_fc=false&fws=4%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C932%2C932&btvi=0%7C0%7C0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a7dc2ee42f3d2be83f619f97b4272989c7a39c55502888d9250bc1e278f2fabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27100
x-xss-protection: 0
google-lineitem-id: -1,5766791017,5774976158,5720196946,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138359911239,138360898626,138352949112,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.celebrities.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C635 6 KB
3 KB 59ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:47 GMT
expires: Tue, 30 Aug 2022 09:57:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 config-widget.js Show response
www.visionplus.id/watch/video/shareconf/ Frame C6EB 2 KB
2 KB 204ms
203ms Script
application/javascript 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/watch/video/shareconf/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: db61febe18f0bdf62c8edd7896879292c56b57aa55c11bc455b732be87d85f24

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
last-modified: Monday, 30-Aug-2021 09:57:47 GMT
server: nginx
etag: "60e6f009-806"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 2054
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 config-widget.js Show response
www.visionplus.id/watch/video/ Frame C6EB 2 KB
2 KB 205ms
204ms Script
application/javascript 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/watch/video/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: db61febe18f0bdf62c8edd7896879292c56b57aa55c11bc455b732be87d85f24

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
last-modified: Monday, 30-Aug-2021 09:57:47 GMT
server: nginx
etag: "60fa8ad6-806"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 2054
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame C6EB 101 KB
40 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1e53744547d3d6b3a8399a0764e4baa3a5dfa50ddca4e9676faa6017545ccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41233
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame C6EB 101 KB
40 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154114411-1

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29e5689426719aa1c3ba710129511bc9eec4ac17fcf943c1aa14d4433dbbb5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41233
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame C6EB 86 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 12:13:40 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C6EB 72 KB
25 KB 33ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

8db951f0a4e285acd1cc82d3b93714a68326469d485955e47e13724b2b58a1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "973 / 881 of 1000 / last-modified: 1630313588"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25581
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2

200

app_logo.png
www.visionplus.id/statics/ Frame C6EB
Redirect Chain

https://visionplus.id/statics/app_logo.png
https://www.visionplus.id/statics/app_logo.png

10 KB
11 KB

211ms
211ms

Image
image/webp

202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.visionplus.id/statics/app_logo.png

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-147.mncplaymedia.com

Software

nginx /

Resource Hash

2a1ec7352d803617f674dde77d88b2a1b5aae528bf329fe6bb50a0483fa3e114

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com .okezone.com .visionplus.id *.rctiplus.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-original-content-length: 25199
server: nginx
etag: W/"PSA-aj-X3tHSkyOd8"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: web-api.visionplus.id
cache-control: max-age=2571728, public
date: Mon, 30 Aug 2021 09:57:47 GMT
content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com *.visionplus.id *.rctiplus.com
accept-ranges: bytes
content-length: 10532
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 04:19:56 GMT

Redirect headers

location: https://www.visionplus.id/statics/app_logo.png
date: Mon, 30 Aug 2021 09:57:47 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ph_3-2.jpg
www.visionplus.id/watch/video/img/ Frame C6EB 4 KB
4 KB 207ms
205ms Image
image/jpeg 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/watch/video/img/ph_3-2.jpg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
last-modified: Monday, 30-Aug-2021 09:57:47 GMT
server: nginx
etag: "60e6e573-10a0"
content-type: image/jpeg
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4256
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 Ellipse-Play.svg
www.visionplus.id/watch/video/img/group1283/ Frame C6EB 2 KB
2 KB 206ms
203ms Image
image/svg+xml 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/watch/video/img/group1283/Ellipse-Play.svg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: 3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
last-modified: Monday, 30-Aug-2021 09:57:47 GMT
server: nginx
etag: "60e6e672-659"
content-type: image/svg+xml
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 1625
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 ph_2-3.jpg
www.visionplus.id/watch/video/img/ Frame C6EB 4 KB
5 KB 394ms
391ms Image
image/jpeg 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/watch/video/img/ph_2-3.jpg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-147.mncplaymedia.com
Software: nginx /
Resource Hash: b0dc90afe31208b1a7dbf1b54f6db85a7d7a1b6b68b5cf1b9bad6e7429f0f719

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
last-modified: Monday, 30-Aug-2021 09:57:47 GMT
server: nginx
etag: "60e6e573-1162"
content-type: image/jpeg
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4450
expires: Mon, 30 Aug 2021 09:57:46 GMT

GET
H2 200 analytics.js Show response
analytics.rctiplus.com/tracking/ Frame 1456 7 KB
2 KB 768ms
733ms Script
application/javascript 2606:4700:10::6816:2cd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash: b21c219451df5ab4fdcf66e9106bbeaa4e1167b035a79248167127d7ac53890b

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: PHP/7.4.15, Dark Phoenix
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
cf-ray: 686d282a2bebe00b-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-robots-tag: noindex

GET
H/1.1 200
OK rcti__news.png
rstatic.akamaized.net/fta_rcti/logo/ Frame 1456 11 KB
11 KB 59ms
23ms Image
image/png 2a02:26f0:6c00::210:ba22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rstatic.akamaized.net/fta_rcti/logo/rcti__news.png
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 09:57:47 GMT
Akamai-Mon-Iucid-Del: 1085936
Last-Modified: Thu, 29 Apr 2021 05:19:32 GMT
ETag: "608a41e4-2ad3"
Access-Control-Max-Age: 900
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 10963

GET placeholder.jpeg
rstatic.akamaized.net/fta_rcti/logo/ Frame 1456 0
0

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame 1456 93 KB
36 KB 20ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e758f530d6d22acac580926f4d85e40deff4d0688f46cc159bed262f77ea53f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37209
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 1630316933_img-20210830-wa0019.jpg
cdn.bukamatanews.id/imageresize/images/ Frame 1456 68 KB
69 KB 48ms
18ms Image
image/jpeg 2606:4700:3033::6815:ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bukamatanews.id/imageresize/images/1630316933_img-20210830-wa0019.jpg
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: c814ca188a2de5039a11e505dbcea0632cb9f1a2332e4ece68ac26ac04dfa0bd

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235
x-powered-by: PHP/7.2.34
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 69489
last-modified: Mon, 30 Aug 2021 09:53:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgYcvT0GLqWQC1RHpa2rOrJO3piZQ0wE3mhveMe5RUBmEdA1blhELWgpSr0p%2FCYA63Y6r6fNNGyiryZwT%2BbH%2BiYRfiXJb0fz9Y%2B2SPHNZO9vRruOrUwWPJRIEVfk%2FG48ogysRJ%2F84jMAwfo%2FKm3bA36a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 686d282a289805b7-FRA
expires: Wed, 29 Sep 2021 09:53:51 GMT

GET
H2 200 i-made-tisnu-wijaya-salah-seorang-penyuluh-muda-non-pns-_180813123833-937.jpg
static.republika.co.id/uploads/images/detailnews/ Frame 1456 38 KB
38 KB 947ms
126ms Image
image/jpeg 148.72.153.139
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.republika.co.id/uploads/images/detailnews/i-made-tisnu-wijaya-salah-seorang-penyuluh-muda-non-pns-_180813123833-937.jpg
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.153.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: usloft5321.startdedicated.com
Software: /
Resource Hash: 1db64f44a52b90c2efa7721ae6c60b811e54d7577cc62da0ced65681d1a75106

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
last-modified: Mon, 13 Jan 2020 17:49:05 GMT
x-amz-request-id: Q8DH6QG0CMPJ5S12
etag: "bb7da17d559a184cd0f526b9a8bd58e0"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 38861
x-amz-id-2: HWGr4hYWyDyjnyTHtJl8eaElZ0zF00KvguGNDI03wZaJt53hCH+hRqDX11WQLv5S84sTsIpp/gY=

GET
H2 200 petugas-menyiapkan-vaksin-moderna-saat-pelaksanaan-vaksinasi-untuk-masyarkat_210830123532-556.jpg
static.republika.co.id/uploads/images/detailnews/ Frame 1456 13 KB
14 KB 947ms
126ms Image
image/jpeg 148.72.153.139
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.republika.co.id/uploads/images/detailnews/petugas-menyiapkan-vaksin-moderna-saat-pelaksanaan-vaksinasi-untuk-masyarkat_210830123532-556.jpg
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.153.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: usloft5321.startdedicated.com
Software: /
Resource Hash: a093ef19c590c390717a0743b68b3ae832e6a801d31c325cb273eae2408a2bff

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
last-modified: Mon, 30 Aug 2021 05:35:33 GMT
x-amz-request-id: 9W81NNF8HVZTY618
etag: "6bfc73cc40289a03780ff84fe1805efc"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13796
x-amz-id-2: +ml6jl9K5wW35ErtesKpGhBFpTpQsO3+V5fLlzlbql0bA7v755LLXebzHdWg9YAg/au2u21Fagc=

GET
H2 404 /
static.republika.co.id/uploads/images/detailnews/ Frame 1456 0
0 1938ms
1117ms Image
application/xml 148.72.153.139
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.republika.co.id/uploads/images/detailnews/
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.153.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: usloft5321.startdedicated.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 bupati-probolinggo-puput-tantriana-sari-kedua-kanan-keluar-dari_210830164949-612.jpg
static.republika.co.id/uploads/images/detailnews/ Frame 1456 32 KB
32 KB 947ms
126ms Image
image/jpeg 148.72.153.139
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.republika.co.id/uploads/images/detailnews/bupati-probolinggo-puput-tantriana-sari-kedua-kanan-keluar-dari_210830164949-612.jpg
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.153.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: usloft5321.startdedicated.com
Software: /
Resource Hash: 491430c9085ac480842f5a4755dd800f62fdf3bcf39cedc8ed67622a39acc9c5

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
last-modified: Mon, 30 Aug 2021 09:49:55 GMT
x-amz-request-id: BG06NGE8M0DGK14V
etag: "04f53f5c2fe3bc5fd26d75eb8ef75c57"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 32945
x-amz-id-2: Hc0qv/h8TKRND4iim2HDvHcJ+33Z1fe346P+ADcbM3Q8vY4kUjWb8eJZwouvXIp9sU2IGf2/OOQ=

GET
H2 200 kabid-humas-polda-metro-jaya-kombes-pol-yusri-yunus_210708182421-393.jpg
static.republika.co.id/uploads/images/detailnews/ Frame 1456 18 KB
18 KB 947ms
126ms Image
image/jpeg 148.72.153.139
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.republika.co.id/uploads/images/detailnews/kabid-humas-polda-metro-jaya-kombes-pol-yusri-yunus_210708182421-393.jpg
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.153.139 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: usloft5321.startdedicated.com
Software: /
Resource Hash: c307f94c94142e8094ae311b6b9a7faba61069b91dc672132f67a7e76596a27d

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
last-modified: Thu, 08 Jul 2021 11:24:28 GMT
x-amz-request-id: JRB7PQKZKWMNTXJJ
etag: "b5b333e2d900af34a445ceb2afaf0d3a"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18258
x-amz-id-2: F+i7hK9WDuCjdH2yLJaipBB60bCJExq5YMEZJg/mSOtKYy8rYRSDAP6/s8hSGlqhjz8iMZQl2Kw=

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 1456 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1528
date: Mon, 30 Aug 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 30 Aug 2021 11:32:19 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/ Frame 1456
Redirect Chain

https://sb.scorecardresearch.com/cs/9013027/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

12ms
12ms

Script
application/javascript

13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:43:45 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 842
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: V9GPPXhhE-NybD6P0-67d_ylfRUigH7AZy6vkLm4NKZfXrfyKT5jlw==

Redirect headers

date: Mon, 30 Aug 2021 09:57:47 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: 9htJMr-whiGGsn8lYQSl_HZhSdT8T1munlwCRE621_3OGS9__dVJ0g==

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 1456 4 KB
2 KB 12ms
11ms Script
application/javascript 13.224.93.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-123.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 10770620
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: WlhH3oFK7PM-MhvnOjevkEX4Pbx4n10UB6mWCyCz6pFdz8_4qsTOmA==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 1456 43 B
552 B 12ms
11ms Image
image/gif 13.224.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=650&frame_width=300&iframe=1&title=RCTI%2B&time=1630317467297&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.celebrities.id%2F&host_url=https%3A%2F%2Fwww.rctiplus.com%2Fidx%2Fnews&random_number=3756457545&sess_cookie=782d47ef17b967e56a0495c504c&sess_cookie_flag=1&user_cookie=782d47ef17b967e56a0495c504c&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-26.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 03:30:13 GMT
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 23255
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Wi65rWYVjCvZgdJsOx-ExnrdUyeH2DgZfu9BQAVy2jQMj34jpQfsHg==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 1456 0
47 B 98ms
98ms Image
text/plain 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
server: Server

GET
H2 204 b
sb.scorecardresearch.com/ Frame 1456 0
338 B 21ms
19ms Image
text/plain 13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b2&cv=3.8.0.210223&ns__t=1630317467311&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.rctiplus.com%2Fidx%2Fnews&c8=RCTI%2B&c9=https%3A%2F%2Fwww.celebrities.id%2F
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/idx/news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 2QsmH00cvHp-jhz7F93AxML4687x4GuUmHkm326c4RymT-k4FwZp4w==
x-cache: Miss from cloudfront

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame C6EB 1 KB
1 KB 14ms
11ms Script
application/javascript 13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:46:53 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 654
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iaIlKRmFBy_x3KvtGz_hoAfM4gW8eiRzYK9eakw8d8mIwxjKNT2cHg==

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame C6EB 92 KB
36 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d980578554151c34bc4e73b3e73f6b33b6bc726927ca49544de80e62805a398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36548
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame C6EB 4 KB
2 KB 13ms
12ms Script
application/javascript 13.224.93.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-123.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 10770620
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: LRZDcMgY5io-gcDGEm1Jhx-SVyWsYc0MV2JbKl5n6X1NZGSmkZCzbw==

GET
H2 200 1.JiBnMqyl6S.gif
www.visionplus.id/pagespeed_static/ Frame C6EB 53 B
493 B 203ms
200ms Image
image/gif 202.147.193.147
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.visionplus.id/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.147 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-147.mncplaymedia.com

Software

nginx /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com .okezone.com .visionplus.id *.rctiplus.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff, nosniff
last-modified: Mon, 30 Aug 2021 09:57:47 GMT
server: nginx
etag: W/"0"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/gif
access-control-allow-origin: web-api.visionplus.id
cache-control: max-age=31536000
content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com *.visionplus.id *.rctiplus.com
link: <https://www.visionplus.id/pagespeed_static/1.JiBnMqyl6S.gif>; rel="canonical"
x-xss-protection: 1; mode=block

GET
H2 200 e689a84c-690.jpg
static.mncnow.id/images/vod/ Frame C6EB 18 KB
18 KB 798ms
387ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/e689a84c-690.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

0a5742e2d705210e21bf2a7ddbcd792baa551689aa45c03edbe89886aba787c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 26411
server: nginx
etag: W/"PSA-aj-G7_biC7YJc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585280
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 17978
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:28 GMT

GET
H2 200 3652.jpg
static.mncnow.id/images/vod/cc51ab39/ Frame C6EB 20 KB
20 KB 1099ms
689ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/cc51ab39/3652.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

befeefbc5911d298c40f271d099f15c108d43103226fd9b3397df9fc46789376

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 31282
server: nginx
etag: W/"PSA-aj-3j1Jak7ePY"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585282
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 20556
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:30 GMT

GET
H2 200 d116.jpg
static.mncnow.id/images/vod/b67bcdc7/ Frame C6EB 28 KB
29 KB 1020ms
610ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/b67bcdc7/d116.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

6c5e25d2f74c0641299178addade159556ba9ebbb614e26ae2a67c2285410bc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 37300
server: nginx
etag: W/"PSA-aj-abIm7_rR7u"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585282
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 28990
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:30 GMT

GET
H2 200 e381.jpg
static.mncnow.id/images/vod/9c6ba829/ Frame C6EB 27 KB
27 KB 997ms
587ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/9c6ba829/e381.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

aeae7a4201eef0759aca02a6555c91259b3597c5a517512fb1bd29086760be5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 37231
server: nginx
etag: W/"PSA-aj-A1EdycL_kT"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585282
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 27220
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:30 GMT

GET
H2 200 39a0.jpg
static.mncnow.id/images/series/dd8efbe3/ Frame C6EB 32 KB
32 KB 1098ms
689ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/dd8efbe3/39a0.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

6ca6012a65b0fc4e1d333c8f8a2f7c4089e13cc3b0ced4e4c909b675663d579e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 43500
server: nginx
etag: W/"PSA-aj-D0QhXBC-ec"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585280
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 32342
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:28 GMT

GET
H2 200 7d19.jpg
static.mncnow.id/images/series/02581b7a/ Frame C6EB 16 KB
17 KB 841ms
432ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/02581b7a/7d19.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

fd201c200e10f85a1efbee9694fad8eb9358be7d1fa844ebc1b5eb072d802408

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 27713
server: nginx
etag: W/"PSA-aj-G8elOohz9Y"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585280
date: Mon, 30 Aug 2021 09:57:47 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 16858
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:28 GMT

GET
H2 200 39d8.jpg
static.mncnow.id/images/series/c77c232c/ Frame C6EB 19 KB
19 KB 578ms
577ms Image
image/webp 202.147.193.157
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/c77c232c/39d8.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-157.mncplaymedia.com

Software

nginx /

Resource Hash

4d8d71d893ea2edf609623b6f3d1b8ba6c8e81d24a6d5071d0abf2837093cee1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
x-content-type-options: nosniff
x-original-content-length: 27682
server: nginx
etag: W/"PSA-aj-no36GZZI9q"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=585279
date: Mon, 30 Aug 2021 09:57:48 GMT
accept-ranges: bytes
vary: User-Agent,Save-Data
content-length: 19156
x-xss-protection: 1; mode=block
expires: Mon, 06 Sep 2021 04:32:28 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame C6EB 43 B
552 B 12ms
12ms Image
image/gif 13.224.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=640&frame_width=300&iframe=1&title=Vision%2B&time=1630317467472&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.celebrities.id%2F&host_url=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&random_number=2897948321&sess_cookie=999eede417b967e574d2e1700e7&sess_cookie_flag=1&user_cookie=999eede417b967e574d2e1700e7&user_cookie_flag=1&dynamic=true&domain=visionplus.id&account=s+Whw1O7kI20L7&jsv=20130128&user_lang=en-US
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-26.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 03:30:13 GMT
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 23255
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: qJUNQdssBm90-cyN5H2-yip-vk5KCvgqDBvGF7lPITwLQjCBGFxD5w==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame C6EB 0
47 B 101ms
100ms Image
text/plain 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
server: Server

GET
H2

200

b2
sb.scorecardresearch.com/ Frame C6EB
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=htt...

64 B
329 B

22ms
20ms

Image
image/gif

13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=https%3A%2F%2Fwww.celebrities.id%2F
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: otj1oVu3sTIBtgwIYs5b7nogVclY7lhPOfGnPe5SfckF8ySQSe8YxQ==

Redirect headers

date: Mon, 30 Aug 2021 09:57:47 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630317467474&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Vision%2B&c7=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&c9=https%3A%2F%2Fwww.celebrities.id%2F
content-length: 251
x-amz-cf-id: jA4Xh5E2ORP-ypKO5AMOf-_cgTakGs2yfeZJhWgkiaM5NlJWSKn75w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C6EB 101 KB
40 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111351533-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154114411-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c7b1ab183e5e16199a0a8967d252b71902e8273408ed57d6858eb1fabf9965e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41247
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C6EB 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1528
date: Mon, 30 Aug 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 30 Aug 2021 11:32:19 GMT

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C6EB 333 KB
117 KB 28ms
27ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:47 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C6EB 2 B
22 B 14ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1960440393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&dr=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=300x640&je=0&_u=YEBAAUABAAAAAC~&jid=1951808766&gjid=610959178&cid=657148208.1630317468&tid=UA-111351533-7&_gid=1998904804.1630317468&_r=1&gtm=2ou8p0&z=598469359

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C6EB 1 B
21 B 19ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1960440393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&dr=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=300x640&je=0&_u=YEDAAUABAAAAAC~&jid=770123314&gjid=1168381476&cid=657148208.1630317468&tid=UA-154114411-1&_gid=1998904804.1630317468&_r=1&gtm=2ou8p0&z=103537319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C6EB 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1960440393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&dr=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=300x640&je=0&_u=YEDAAUABAAAAAC~&jid=2109981527&gjid=1841878950&cid=657148208.1630317468&tid=UA-111351533-1&_gid=1998904804.1630317468&_r=1&gtm=2wg8p0TRZJRWG&z=1681033681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C6EB 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1960440393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&dr=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=300x640&je=0&_u=YEDAAUABAAAAAC~&jid=1595013153&gjid=246135534&cid=657148208.1630317468&tid=UA-111351533-7&_gid=1998904804.1630317468&_r=1&gtm=2wg8p0TRZJRWG&z=229469666

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C6EB 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1960440393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&dr=https%3A%2F%2Fwww.celebrities.id%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=300x640&je=0&_u=YEDAAUABAAAAAC~&jid=1089248497&gjid=876297742&cid=657148208.1630317468&tid=UA-154114411-1&_gid=1998904804.1630317468&_r=1&gtm=2wg8p0TRZJRWG&z=1749152018

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A4D 6 KB
3 KB 11ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:47 GMT
expires: Tue, 30 Aug 2022 09:57:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B678 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:47 GMT
expires: Tue, 30 Aug 2022 09:57:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame C6EB 1 B
87 B 48ms
7ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-111351533-7&cid=657148208.1630317468&jid=1951808766&gjid=610959178&_gid=1998904804.1630317468&_u=YEBAAUAAAAAAAC~&z=1324498493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Aug 2021 09:57:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame C6EB 1 B
67 B 48ms
13ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-111351533-7&cid=657148208.1630317468&jid=1595013153&gjid=246135534&_gid=1998904804.1630317468&_u=YEDAAUABAAAAAC~&z=1268805684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Aug 2021 09:57:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D72D 0
0 54ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK4igNf-N_R9_hha4X03M_1Yt4N_szEG0VpocICy9FNr2BNmnVOqnTgCVS3Yx27-xdDc7Y6ct7mWlDd7iDSUXihzWvbdCeGTxaLdIxeQtANReO4WdqTOH-Rz-Mikhd8J95A5HPIh9EFus7rlHQR8fFy5_j_2eB8uyGpkS-TnX3uDASs0-7e89WKsjeunMHZF3pGK1BShi5S_R2XLXuyE68vvHAo5i5Xa8I34ZLbHtNcFuUoPQXaKj_8uv7EuszZQk-Cx4ARTLyPP83yn5oYKxWr1P44SgNYYrwH7Q2BMYWrWLpNRi_1_6dri4px4YK-6qS8zbx&sai=AMfl-YS9EwJecdjuQfMdCSeF-pJfRL2r87KIDx3hXlAxAeulMf8nkPflkEXPYkSD7bNFTK5nr8Gy_hRK-VrBBT7d5hDRzCGpuzKrq86E3RgVXJZrMpc2ztqLsi6WhSAeRDo&sig=Cg0ArKJSzPHgu9NUYxVzEAE&adurl=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame D72D 18 KB
8 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:53:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame D72D 2 KB
1 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:52:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D72D 122 KB
37 KB 60ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D72D 0
0 30ms
20ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT96du7Y4Jdo-ohozpKMRzdUqteqke7UUHCazzmCQkSLA29goP2ry8ZrS-LYhy37HCJcSzh9MQ3p8Cv_PZchSzj9xnh8Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 12825267515635651139
tpc.googlesyndication.com/simgad/ Frame D72D 48 KB
48 KB 25ms
12ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12825267515635651139

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c419ff0603ffa41a17c9ab73f3a10588bfa4bbd5f9e75feb8eec7fd78dbd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 05:53:50 GMT
x-content-type-options: nosniff
age: 187437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49123
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 04:39:11 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 05:53:50 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA38 0
0 97ms
91ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuGL5irxV5tMGuXILyqyRZF6NFdyGwrhZuegl9lhuZ4ulMhpwiOebn34afR4iAoKTRbxP0sd7Jk05J7YfnK9ie80UKQprA89yD8c6rDrM3E3xA0-RSzdua6o0GwGb0mJ_dlD87MXLAoQ2QtHIQiCHVx7iP-4e5QwrcblQjUZx6YBzqRSFhg175kcY3tr-QwLaX96AdYrLnph_b_WE4A3egH2SZoPxn-qfZEAGn7IOKVilVRaBEPD2_TU617u7vr6FvPS2xvFj0Ez51JIPDmY3oMv9IGoxXb6wj_YL8nQP0un60o59Jpu0avRmIPK7DipfrEaiZ&sai=AMfl-YT7HQB_XGeGivbvbm7Nv5XDwohJO1XaHbu6e-HgJXeta4JG1L3k47ILQlU8YJkz4ibXmmCKSBZoewH7zVp6wLjnp5QEmSUaBsnTT3puLzjoiEnlrOAJbsvWCDkJV-o&sig=Cg0ArKJSzJ-QYHDbL-yOEAE&urlfix=1&adurl=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ Frame DA38 3 KB
2 KB 197ms
86ms Script
application/javascript 143.204.98.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=10
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:56:38 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
age: 194
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: FRA50-C1
content-length: 1921
x-amz-cf-id: qBn8b6H20AdLHH7AGdqc41x-piqTMQiCskX_PTiwQLDhWrqsLbtsZA==
expires: Mon, 30 Aug 2021 10:04:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA38 122 KB
37 KB 90ms
74ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame C6EB 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C6EB 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C6EB 36 KB
14 KB 62ms
61ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=31741941313801&correlator=3855567876996174&output=ldjh&impl=fifs&eid=31062433%2C44749369%2C31062297%2C31062093&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210830&iu_parts=7108725%2CVplus-Widget-Banner-Celebrities.id&enc_prev_ius=%2F0%2F1&prev_iu_szs=243x110%7C243x100&cdm=www.visionplus.id&bc=31&abxe=1&lmt=1630317467&dt=1630317467938&dlt=1630317467166&idt=691&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=640&oid=3&adxs=29&adys=476&adks=3454084221&ucis=qefjktifuxka&ifi=1&ifk=3519364446&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Fwatch%2Fvideo%2Fwidget-dark.html%3Ffr%3Dcb&ref=https%3A%2F%2Fwww.celebrities.id%2F&top=https%3A%2F%2Fwww.celebrities.id%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=284x-1&msz=243x-1&ga_vid=657148208.1630317468&ga_sid=1630317468&ga_hid=1960440393&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e22da8c05934a721acc491a909e08d5a943d3e45b0189ce72acbf04bc636a185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
google-lineitem-id: 5754996176
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358787212
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D47 6 KB
3 KB 33ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.visionplus.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.visionplus.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:47 GMT
expires: Tue, 30 Aug 2022 09:57:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D72D 0
0 59ms
59ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviWWDY1wFePsxG0qO2pirTuxAJWBXFjqaqQcTSMxp08dOYsTzdSQ0vP-9H3ZJX24tsFSlT331TBR0N0N9gqHQA5W5pI4GW0p6USGVoZQeSIARFXzZE_IemRf9V2Sv6msdrktx4TXHnJoSP_FrpwEQ-XxZvDYMY_5REb1HYpJL9zpxaG1tdiq2-73MKeCG67qF_zGVWwwl9b-tGSEh26kLjMGmFis96YU3sceF7DR2pdJOGdbtdlaEavSvy5IuldrfHWaBKhV_nNCyfYAZCbS2AyXqPdZzLndzaq2dSnI3q4ltTX-_ypD8O_9MmTbw1khoUQjrFhxE&sai=AMfl-YR0wwkcf-1WnpXKSHMo7gu__S1loxed6viG4ohrgIGXJC0FDIeBpKTIzejkrJBUNf9geZ33UEPJty1YRsAJjh5ESI8VffbymMpinGqOUdRXZ-8Mv9m1V1GrhE6NLLA&sig=Cg0ArKJSzEjTz9455RxtEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
DATA 200
OK truncated
/ Frame D72D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 943e399ee5b2f550e101685962d525866d8ce2473cc47d8f718e392126d2e4d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C22C 0
0 88ms
87ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwnWOraqEJE6FJTgjglJtPjDtDNN13DUJzBMTmJJdwBi5qxAs5bkzpqVS82whTn9S9QOu8Ms2-dwE1w3f_8VoKhQ6XWXd_HmlqucfFxAC2GSpf5OO_87IclXKD4-X4Q2KIN-5W3NJzbUucz8uw9tr3OliyzGw_6aAkoiUtdyOobXbYmvpf6sid72baaGO36FlwG-vmOc-J6AHh0i_iiqDagBbW33APv69p_ImeaONrFYg9dSxucC4R0OXuQFk-xTcUh6N20M2VAarPfxLg2kk_K397FXJTbU_wHtlZggxPiG9gv7zZkA2xl1VLYusZUya4tlkwulR-2pi8CnJp&sig=Cg0ArKJSzNXvkekpKXgsEAE&adurl=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame C22C 18 KB
7 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:43:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame C22C 2 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:51:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C22C 122 KB
37 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C22C 0
0 19ms
18ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIisZQjjoFFszEwwIk1uGO9QsZwdRAp9v7ewvmQN8XDw0h9dNDhjnyGq5UIFXMkvqmejiNNZjgsY2-jsu859WFW894DQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 14804006724283459157
tpc.googlesyndication.com/simgad/ Frame C22C 30 KB
30 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14804006724283459157

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

560c51f7d52eb7f7d0ab8b4246e7f9c767b1ad9a7d8b02aefd09eddab83a2a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:50:48 GMT
x-content-type-options: nosniff
age: 378420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30791
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 11:29:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 00:50:48 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6EB 72 KB
27 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
DATA 200
OK truncated
/ Frame DA38 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a1920b835fcaed3b2fca1ee1cabc37e2a28036f7050d04e66d10d69a35534a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 07A2 478 B
303 B 63ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlfihKEGWy-BiDLYc1Cy75qdIQzhS0gYTCBUdnDAgFq1YI5iN4FsVbkcvvsqYY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 30 Aug 2021 09:57:48 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5DE1 69 KB
28 KB 99ms
91ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwPj4McP9caXPjgTixjD_uF4UrJqmiB0Sshrgs4bR0t3039yhvD_dhtSUeHPt6b0Y2EQZgiTulK4EmFbs7jVJM1EARxrOmzxg8mlek7390HDy_MRK4sj9HcLO75W71w-bR8Y_-T-MGQUXcOlbjm1oj25xNfQ&dbm_d=AKAmf-ConxEh2yiO0Ufkfj5Mjpmlv7-LcNgHwnAliweZB0ir-_5ViWk1PLCml8NL_oOINkFT1tmKquVfmiNlOs7V038qpNHCs5bZhlpEG0dNOG8OsHfZv71M49qObGO0KFm_0e9uLdPOZR5VoN5satDyh4CiFCIOx8UA0ErbfJURdAD-zzgVB2ChM4VjXD331cGKZbmN93Cnz9ZJEn4myy316GNcBXWhIDoNWmNwjJFHnCYfNUDstmB-K5Ne0noO4H5xf-WqsKni0L3X5h5WlmnE8InKxqqR3FAgnKTNMprHftFx4ywSCQR-KTi0HNj24JdQTl57XzNa-Gl7JS29uaTDXCI_fmaABsha-V36IzRRAnYW3VBqb80wF6EGU_qCZPZ8S0tdJGuHIN4DIYB5wRnaJzK5s3drGwfemg976zuJVODFqLNMANiPy-hrBV6ySACBWAhIL7CySVOUerjcxUc5Gax6wc125SPxc95kdlrBC4JgCK6B_Vt3gjXyDni2bl6yE2ifY-nyQ1jyXA-ZALeGIgHQQ0ey2eVEV182Mb9pS4wQol3nxiQEY98GH1U-86QVJrpgdsGhpiYI6RaJ-V1nW06ACPGKuAAzKGtAeGQY0l74iYQ1ttsHn1UEwEKK1Gfpiz-3YjojW4iNAc5_xPFOdiMyGC6xo1bRgeZ28-gJJTwlxO8im2N2N1MdDSMVbdt6W-RCDWUq6m9vBGzlYPxVGD3kaJnC5-3m7c7sq0rjw3OUdoZi-NPTnc1m_4hDh7RV0jGP1pAr1YsWKFxz54qDJlOH7bQw8XSinuOVf3QzWiFgCerG0XEb7bn3GFVizJr0GUgSPx8XFiwJqDBZtVQh36CJ9q-fEzkgWyTwJ19HenIPkzDJpZ3BjNkDTKe88GX1IzordvplRWhSYMX6WqnuXQExiHnPl4w_PGe6lu4IWGE6n_CyUefmootFEh_ThaOfiLo-tXkUl47hlyk6UnoyY6a24G0VxUqsPUv70lcCUqZ2yts6x_Et1kOZ81Bj-wzr3hZOQ2ZYR-B0_gPxyWCzihILIb8V_Hb6aLS6XrR-CQanxGsIBMvVIoXUYXerJPbOsdyJv1iyXznUep8-OQbKGVrZwV1qiyhrW3Uq_3I7MLr-kFIIOoahdsPH3UGjpc6vhvtP-kY0zayJVKSp3aaDVazNnZZUAQ7OA8WBUWUptIqPocrEZzotwN2MlmDjKyE3WzfYwlYrR-8ZjZNV7xsmKmnYJcBETu4P56xCwUjuHf28hzq_SlJ6AVRi9WTqjHMZ-ce7stLTMv5F7xkZLFf8uFrB-mT5HbL960Lq98tD0Zbbm17uGTLh0c1A1YFu_OEGrOExX60wLJJlvYRecHw4Cjb2Sy5zHDWTAo1O-6dP9ce16fYCbwCCp9Ub2_Ja3r73OTwZqTSyOGGxJSKNss__J8wGeoC-9QCOlwMInbHoZjnuPhs2UosDmnaQrz3oI2ztdT8xpSFckRQMbZXQJx2UfNLYoq8W7L9fs7-GCvdsQG7Koh3LZTfg5UmAzvlKNV_5dlTGuz3N10rro3_4TgreKRVD07rnTtfd5cdGF0RfpZ3oiJIkgwL6Uu7bv7Y6_cj1Y3FV9HrtUtvmEfXhlC6e8Z7SAVuT5NdWkkEEzIerPORj5MiS_8QBSHS2lXH1pEGdvCJkJixn1JlCncTHfJsbkI1qEkDwset4fLgrKWP94_g0GK8OUOlWYNAdmAIenpEmt0E_tAvWgygg3AXl3x_c8M9pur8iTeGL6_BWZJY6qBIsNV-btyFrAJNWcCZrizJVguxWmgq1phaY-eChPOMFLFPHExHw_P67kmRTNviPoe4XLMYpamXRlKm0TkJmcHlddXbqf5YFqE7AFj3I39IPfrp5gHp0mLQ-2MEZVBVZQ3wxxTe6vSAUraQFMDMvSYQ6pC4Ku3QBS8rxT4ihNb0bm52cnHeHGD8-nVXSS2ZWAfl9rCHrlOsTB7UNx7tRFQEpMpiXIgd6fPWPf7TaZh8NXHE78p1UdTiXEv1p0bMHXLOSbOs_o2wuOpVsK0ktFl47fBaxDoG4VVqSIiFH6B7oayYcSZ4R71fbfF4M9w4Px8rV8k721Ado4Y353IwtT8JOzytbGauaUiOAdqY0H9Duxu70wUv-A5YmAGpW7vlgcJ4bD5_BaMCLtaIjVnAyMQymZrFnP_MGFJfMeb0zELJ3qCUs21RXerrGmNxwt03N8MXOgFpmYynZTJKibXZuSVuxPJrnoX3_eAoi_amBQ47AHY6JntY__3ff90nrnlBiw_lOmmJfSZGHiPvMv51pZbJ81QhNo4skTDEDp5ooBBxaCeS0x3S7tuhRth1Uw5R_gMyBYoiiJHIwiAsXhcwFGbcSheWcaxLQeLcIg5g2FdUOLCGbPGTbS5zeUYSCKCmuwm4uB120tCOfbq1RqKvM2Mj5DPJdGdoKZaXpjLM5WIzUB9iH6eYOGVW51nN7-DFiENSk1RnIK2B-QyRPYr9-mQ-FbPOyqGNifN3G281rUBN-fm8UR1eAUyvEQ4kCzpB9l89fdRapQUt6IDsAjwpjmvo3DkDoVyD2zuS-NUgOmbWoIH4Qp-Y4FLUJxIrT38TSvgbUmDLH5Qi09YZ3u45dTTjsEjeLl4Tzk_av97NeOGD6ovdb5zWgzIPLY_Grpspzk_mba0X8bOK5POzWrq-d4zQEt97pnbuoYSMjh4_luQAbFFEy5OIQPab258kB_7lMQYHhPaJAN5p_BQc3tJbEhSvKn0BlkaEJkWn1xSMCmezrJL3fjd6BvUlM5uLFpuskcnWLipGJ2Jr4M5sxRMOPMSMNubqCMBzMQ8fP1W6MttmSJkzRj6Jsfo99gqxJijfOdPRgMBfxPC2ECRwBg5vd8hyOeWWEueE453iPTPLpe-6agsX0elR_vojnLvOi4LU4b5m7ZWmHPV7KyGSFfSqgAlo2kdwLGF_qxUTIyybDBfwHRcTN48hflY8QMGsG5juREascKvdS0sFmX7sWaKms4S7rDvrCXdt4&cid=CAASFeRo6srPzGLA_lYRo-7wISBRf8rAIw&rfl=2%2Chttps%253A%252F%252Fwww.celebrities.id%252F%240

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a478c8ab31224ac8d4e5af2196f661ca27d55b71c9cfb429f825ca6fc1dee94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 5DE1 2 KB
1 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:52:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DE1 122 KB
37 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 5DE1 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:54:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5DE1 0
0 27ms
19ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWvqm-V4WJrQbDvu288HkGh0wjRNlfa4_gDm7oXSN_wvuY0UtJcJA-mMDBRxNnP-BI1WkqolSvDt_jl-EXX_y8yVSfOQ
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DE1 42 B
173 B 95ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APO_BhPm8HInPA9lnHaF5ZKHwkmb_k1xZrgoLbFyVg7NtEqnYqEV6DpQo4EFGlbHNkLQoZzZKtd7WSNTL5_5lHbKkCxev3yADecW47fusyGNAn2_0

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame B678 18 KB
7 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:53:28 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B678 22 KB
7 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Aug 2022 08:44:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B678 122 KB
37 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C22C 0
0 84ms
83ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbblO9fAMMIZCTUS_Hj4OkUJSC7xiu4t6V_rLdHpPUBxDw7KR6QoY4msjazH2iG_Dud2-jJyRWQ2_wbthLRoj9xtPOzZr2hPyQonOMBUG7JDpYmxzPEVC3YiVGAmAbA3op8lpZEdyPnDqBZtly5XOejHp6IkK_0nxpNcGo1nh47beauq2YD_gDiNrdVFbT_Xd49wRPYS9gDBDfS43E1Ye7xh6ve2k0pil07gMzLoliYu_TSDNwrKVeWeb0k0bWRWzFlCv-uDxA9AlL2Lg_lECH0Medyjx14oiq0_sKPm_6H0irZE29YyPwhMf8s9vt0w4pCuCASsrVvguHRm0f0FU&sig=Cg0ArKJSzEjIrgycum7xEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
DATA 200
OK truncated
/ Frame C22C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23b13db9d37d9e1f596d2ce603ee299f11eb8f4532d8d876b689e64b42ea4819

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 5DE1 114 KB
40 KB 80ms
5ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Aug 2021 12:38:12 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/elements/html/ Frame 5DE1 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwPj4McP9caXPjgTixjD_uF4UrJqmiB0Sshrgs4bR0t3039yhvD_dhtSUeHPt6b0Y2EQZgiTulK4EmFbs7jVJM1EARxrOmzxg8mlek7390HDy_MRK4sj9HcLO75W71w-bR8Y_-T-MGQUXcOlbjm1oj25xNfQ&dbm_d=AKAmf-ConxEh2yiO0Ufkfj5Mjpmlv7-LcNgHwnAliweZB0ir-_5ViWk1PLCml8NL_oOINkFT1tmKquVfmiNlOs7V038qpNHCs5bZhlpEG0dNOG8OsHfZv71M49qObGO0KFm_0e9uLdPOZR5VoN5satDyh4CiFCIOx8UA0ErbfJURdAD-zzgVB2ChM4VjXD331cGKZbmN93Cnz9ZJEn4myy316GNcBXWhIDoNWmNwjJFHnCYfNUDstmB-K5Ne0noO4H5xf-WqsKni0L3X5h5WlmnE8InKxqqR3FAgnKTNMprHftFx4ywSCQR-KTi0HNj24JdQTl57XzNa-Gl7JS29uaTDXCI_fmaABsha-V36IzRRAnYW3VBqb80wF6EGU_qCZPZ8S0tdJGuHIN4DIYB5wRnaJzK5s3drGwfemg976zuJVODFqLNMANiPy-hrBV6ySACBWAhIL7CySVOUerjcxUc5Gax6wc125SPxc95kdlrBC4JgCK6B_Vt3gjXyDni2bl6yE2ifY-nyQ1jyXA-ZALeGIgHQQ0ey2eVEV182Mb9pS4wQol3nxiQEY98GH1U-86QVJrpgdsGhpiYI6RaJ-V1nW06ACPGKuAAzKGtAeGQY0l74iYQ1ttsHn1UEwEKK1Gfpiz-3YjojW4iNAc5_xPFOdiMyGC6xo1bRgeZ28-gJJTwlxO8im2N2N1MdDSMVbdt6W-RCDWUq6m9vBGzlYPxVGD3kaJnC5-3m7c7sq0rjw3OUdoZi-NPTnc1m_4hDh7RV0jGP1pAr1YsWKFxz54qDJlOH7bQw8XSinuOVf3QzWiFgCerG0XEb7bn3GFVizJr0GUgSPx8XFiwJqDBZtVQh36CJ9q-fEzkgWyTwJ19HenIPkzDJpZ3BjNkDTKe88GX1IzordvplRWhSYMX6WqnuXQExiHnPl4w_PGe6lu4IWGE6n_CyUefmootFEh_ThaOfiLo-tXkUl47hlyk6UnoyY6a24G0VxUqsPUv70lcCUqZ2yts6x_Et1kOZ81Bj-wzr3hZOQ2ZYR-B0_gPxyWCzihILIb8V_Hb6aLS6XrR-CQanxGsIBMvVIoXUYXerJPbOsdyJv1iyXznUep8-OQbKGVrZwV1qiyhrW3Uq_3I7MLr-kFIIOoahdsPH3UGjpc6vhvtP-kY0zayJVKSp3aaDVazNnZZUAQ7OA8WBUWUptIqPocrEZzotwN2MlmDjKyE3WzfYwlYrR-8ZjZNV7xsmKmnYJcBETu4P56xCwUjuHf28hzq_SlJ6AVRi9WTqjHMZ-ce7stLTMv5F7xkZLFf8uFrB-mT5HbL960Lq98tD0Zbbm17uGTLh0c1A1YFu_OEGrOExX60wLJJlvYRecHw4Cjb2Sy5zHDWTAo1O-6dP9ce16fYCbwCCp9Ub2_Ja3r73OTwZqTSyOGGxJSKNss__J8wGeoC-9QCOlwMInbHoZjnuPhs2UosDmnaQrz3oI2ztdT8xpSFckRQMbZXQJx2UfNLYoq8W7L9fs7-GCvdsQG7Koh3LZTfg5UmAzvlKNV_5dlTGuz3N10rro3_4TgreKRVD07rnTtfd5cdGF0RfpZ3oiJIkgwL6Uu7bv7Y6_cj1Y3FV9HrtUtvmEfXhlC6e8Z7SAVuT5NdWkkEEzIerPORj5MiS_8QBSHS2lXH1pEGdvCJkJixn1JlCncTHfJsbkI1qEkDwset4fLgrKWP94_g0GK8OUOlWYNAdmAIenpEmt0E_tAvWgygg3AXl3x_c8M9pur8iTeGL6_BWZJY6qBIsNV-btyFrAJNWcCZrizJVguxWmgq1phaY-eChPOMFLFPHExHw_P67kmRTNviPoe4XLMYpamXRlKm0TkJmcHlddXbqf5YFqE7AFj3I39IPfrp5gHp0mLQ-2MEZVBVZQ3wxxTe6vSAUraQFMDMvSYQ6pC4Ku3QBS8rxT4ihNb0bm52cnHeHGD8-nVXSS2ZWAfl9rCHrlOsTB7UNx7tRFQEpMpiXIgd6fPWPf7TaZh8NXHE78p1UdTiXEv1p0bMHXLOSbOs_o2wuOpVsK0ktFl47fBaxDoG4VVqSIiFH6B7oayYcSZ4R71fbfF4M9w4Px8rV8k721Ado4Y353IwtT8JOzytbGauaUiOAdqY0H9Duxu70wUv-A5YmAGpW7vlgcJ4bD5_BaMCLtaIjVnAyMQymZrFnP_MGFJfMeb0zELJ3qCUs21RXerrGmNxwt03N8MXOgFpmYynZTJKibXZuSVuxPJrnoX3_eAoi_amBQ47AHY6JntY__3ff90nrnlBiw_lOmmJfSZGHiPvMv51pZbJ81QhNo4skTDEDp5ooBBxaCeS0x3S7tuhRth1Uw5R_gMyBYoiiJHIwiAsXhcwFGbcSheWcaxLQeLcIg5g2FdUOLCGbPGTbS5zeUYSCKCmuwm4uB120tCOfbq1RqKvM2Mj5DPJdGdoKZaXpjLM5WIzUB9iH6eYOGVW51nN7-DFiENSk1RnIK2B-QyRPYr9-mQ-FbPOyqGNifN3G281rUBN-fm8UR1eAUyvEQ4kCzpB9l89fdRapQUt6IDsAjwpjmvo3DkDoVyD2zuS-NUgOmbWoIH4Qp-Y4FLUJxIrT38TSvgbUmDLH5Qi09YZ3u45dTTjsEjeLl4Tzk_av97NeOGD6ovdb5zWgzIPLY_Grpspzk_mba0X8bOK5POzWrq-d4zQEt97pnbuoYSMjh4_luQAbFFEy5OIQPab258kB_7lMQYHhPaJAN5p_BQc3tJbEhSvKn0BlkaEJkWn1xSMCmezrJL3fjd6BvUlM5uLFpuskcnWLipGJ2Jr4M5sxRMOPMSMNubqCMBzMQ8fP1W6MttmSJkzRj6Jsfo99gqxJijfOdPRgMBfxPC2ECRwBg5vd8hyOeWWEueE453iPTPLpe-6agsX0elR_vojnLvOi4LU4b5m7ZWmHPV7KyGSFfSqgAlo2kdwLGF_qxUTIyybDBfwHRcTN48hflY8QMGsG5juREascKvdS0sFmX7sWaKms4S7rDvrCXdt4&cid=CAASFeRo6srPzGLA_lYRo-7wISBRf8rAIw&rfl=2%2Chttps%253A%252F%252Fwww.celebrities.id%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:33:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame 5DE1 23 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:51:39 GMT

GET
H3-29 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame B678 109 KB
38 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 18:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Aug 2021 18:28:35 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C6EB 11 KB
8 KB 47ms
46ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e25aeec36a1886a746ff6ee9846f8a93f24f30f4182c719f66584b1ee9627c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 07A2 170 B
523 B 113ms
27ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 07A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1&C=1

43 B
1014 B

96ms
94ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 09:57:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 09:57:49 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 09:57:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 07A2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSyrnZdfMO53ys381hbfcQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1

43 B
894 B

77ms
77ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDEnYwBGIbeq6kBMAE&v=APEucNUgJ8cZOeVh_-mGUoT7-9AafkRdSbT6NXwnjAUL69NXje0JEQ7s6QZmkTRBXUsK0LyPEg1v7-b2wJyi825c1OP66WruMA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 09:57:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 09:57:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKNwe7e9_uMYbS5-72IfbdY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5DE1 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Aug 2022 08:44:04 GMT

GET
DATA 200
OK truncated
/ Frame 5DE1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d43f2afd20825bd35fc830a2752d475c78bac7caf38ca888266af5936ae04e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA38 0
0 57ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGOSYXe9WyrcrXODIcXSJJ8GK1LoZnN93T6mBp9h4VqvY12t1IyT1H70u7yHCVoN2ZREofYFpEemS-hLQE6AJgx0Q7yUs-4P5ksHWUPFwPBWF9NEN5ESxhxdHizlKXppESHMNc5nn_mG8b8wdJdfKoEwrzN0JQXG-LnXel6drZ9i-cPsgvCDM-TbHHOG7u1YlD2MO6rwaw78RotRKdCzf8EfsDJfbA3IN5zaeOEv9E8rHRlA2vf5z0M_YGR9rGg6X2oAVZnFO_bbjMZfsTTO7EoH4lvQXHuOlGMxvXtI7UxnYpi2KLEhus377JZ4NcPAjVk-ulqhA&sai=AMfl-YQwmJeQ1iAMMxbWErsJXk2VASajj3jRD--7pb3VXRkaS3erdZadFKkxvkSPSodyHzST-QY4QTe58wn7SWgPidkH-qjh_K0c3rOcGpyHiP2aZr9WywuHT_BdE1truac&sig=Cg0ArKJSzIMzNjfHiasVEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:48 GMT

GET
H2 200 7b77764a-6a10-4c05-bef5-64c62273dcc3 Show response
compass.adop.cc/RE/ Frame E59B 4 KB
3 KB 245ms
245ms Script
text/html 143.204.98.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/7b77764a-6a10-4c05-bef5-64c62273dcc3?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=7b77764a-6a10-4c05-bef5-64c62273dcc3&type=re&loc=https%253A%2F%2Fwww.celebrities.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 22b488856f928e6994535d507aee898a9c8d32b23c1e35aa8e8a79c0823ace6b

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:48 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.4.15
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-type: text/html; charset=UTF-8
content-length: 1971
x-amz-cf-id: BZ4_fE-FvwOX4REh3hYbWqIyWmM9JZs9cUwgNZLm3U8aCyHslsskKA==

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/12921970129917788491/ Frame 7C83 81 KB
20 KB 21ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12921970129917788491/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc800bccbae470f5a5585c4442be710af68620e83f185fc8e567b64f1eef641a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/12921970129917788491/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 27 Aug 2021 22:05:43 GMT
expires: Sat, 27 Aug 2022 22:05:43 GMT
last-modified: Thu, 20 May 2021 10:06:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19977
age: 215526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5DE1 0
592 B 77ms
35ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWk_-m-97QaJo83EtEUGLYdJRHdrbZg8x41zAZJuVE7RDK6X6V3rA9xd3xVnwwDpJAm51wZFbpU0MM37nMPyOlMf_Dwp9uVvfM9mg1JbL6Afd1fx1UBxUvTgma7BQhqYda_kc_0QdAixgoLHaJA6u_U28fNAZ5LDRzhiZcMqOI1deCan0fROXwN1yuLZCtP0rxV5zPpq3d7EeyxF-5eNP4HsRuadt2nCBOW64kvqrQMIL7_QtpRRpMTPWqpdNHnEJ-xhP06Kd9JW-ui2bfbqRvYwgQwzik5b4CXC8tddXSf-CHd4BkUDj5RxObHaagcV65M63bgGN9aW6dv6doXSyEi8bnaN2xw0ymZQkrvFbFqDQ1slbVmN1BN92QX0NUnUUjbL-F5dDvUzsnM9uAxKyDDFwddrXa-EG50XcHkE6DdscUj2UM7MNaMvnS7HTB6RQBr95_I-cxqE_mbQetOEYcR1HrFjZx9d-cgk26UvBPPSsBT7rasRYklX8sj4V8hEXQ431E2FWHBFFqeLjha1ImtYjb_7166TqLPwkaA9S4F5pe887xlFRdGXKIDdb6L1XjMFuL3lp67hbEjyXWiPsrjOdKEz9znyMLMgSW-9nrCyzw_VmqXXLit6rGcvOCqpY5rtRAHSWFm7w3o7CO71RYdvEaIJqc8gMXlhtmmfjPY42DfkCTenYG6UQIU7R4buM6h8x_RcU0MSUKlc85-NCjUNTGKTp600oSzSA5H6EDdjo2v-HhxPCawcL1T5PFoNCcfvJvkLWeovj-WHYY9ikUwtoiA2FQYuzABfO2axeu_za5NkOHPanWk0PCie9eovwfofr5ygn2noAyHsrp4AQVfn9aCo21OHVtCq9dHAP08gwbdgiOtTIY7weM9UWh4U6qqFKoIc5LAroKrptpi8aFA4AHyqDKoqMTA-y_xmwNegYFBQEohEeEE2nCbn8ujTYGqW6tyjE1nZpSUaTticzJuwRz0AYY7YsDE9N4E-gSrzi12PdVXVGK6-MVg4_z0hJ5bbCsOlj7yVpt1nYVc14uRo9WLjOeP65IOkwgaggUj666h4huPu_yhiRV2MAH1gx_qhvk&sai=AMfl-YQKaceFynD79GrOLaCXs4q71oB-6r_PvdduFAjWxX6ykCauBEqPOZSr9ZKQ8xLXMYQ8vxAZRfSr_luD4rNeUCwDNo3nSLYU7ST42PuYhNbL9nhYhcS5Xl-Y3DXZlRMK9Dl_-td5SyH8431qx4NOKDv_QlMdRC9kFiYnBoM&sig=Cg0ArKJSzCgNnWmD8HOeEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=273&cisv=r20210824.12545&adurl=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 30 Aug 2021 09:57:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C6EB 17 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9320 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 30 Aug 2021 08:44:04 GMT
expires: Tue, 30 Aug 2022 08:44:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/331325/4933374390/1629357604197/ Frame 62A0 78 KB
78 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/331325/4933374390/1629357604197/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1eaa4937c5fdc431e6ea3237dc74df59e877d2ad2495ff7380b75b07f60ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/331325/4933374390/1629357604197/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 79467
date: Sun, 29 Aug 2021 09:57:59 GMT
expires: Mon, 30 Aug 2021 09:57:59 GMT
last-modified: Thu, 19 Aug 2021 07:20:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 86390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B678 0
23 B 54ms
53ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttsbabmTy0PKxg6w7djO0fbiywcI9N0LbO_IY35QPOp2v_XuQxsPyW8mI1gPNIHQmUgjBoUS-QJngPiSWOYfV47Dl7hQjyPOfAMnYGzv8Bf2Pk88HwhiEZAydny3Ovsy--VCGR5wGHdJxCg2popn2C71cOJOcXRI-EdA9dA6cva3o4rJzeKtIjGWpSOZDY-si-1fgFt2FUkABIOW7x7YfXii7djDAp4b9SdQG_3uAcym6a2NyTsTs9oy7NHfYfIiWaFzgVo2UTAmCSzSBxd32IkeHmNls12AnbHxy4gaEmLAURyq21mu1QFGUT8vymf4M4yOpo&sai=AMfl-YSq1RnyUoq9w1RTz7biQWa323crGAPTBrzSpJMt9c5ze7FQ3rAoChJc1SRN3l9erYT6qeFILg9aD8zUN2V9HTPKj0VMEiYxqwfvEScvm8KLHk4DqLSeBr99-wOJzcE&sig=Cg0ArKJSzDFUo_ZCeAhLEAE&urlfix=1&adurl=

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 no_refresh.html
backfills.ph.affinity.com/HVR/ Frame B678 0
0 137ms
55ms Image
text/html 23.111.9.64
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://backfills.ph.affinity.com/HVR/no_refresh.html
Requested by: Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7C83 4 KB
590 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a200de114d432846f05e8d78b8158d883577e7d3f194c505815ba28b6386983c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:57:49 GMT
server: ESF
date: Mon, 30 Aug 2021 09:57:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 7C83 28 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 19:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Aug 2021 19:16:19 GMT

GET
H3-29 200 6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9320 34 KB
13 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:21:09 GMT

GET
H3-29 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame 62A0 29 KB
10 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/331325/4933374390/1629357604197/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/331325/4933374390/1629357604197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Aug 2021 14:44:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AC44 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.visionplus.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.visionplus.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 30 Aug 2021 09:43:09 GMT
expires: Tue, 30 Aug 2022 09:43:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D9B2 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

866ec5ec415c280ceef46f8fca6e78fb0a3e3fc5f9654c01e134c18a018989c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bTiogSKxQGMputlLr/0hPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.visionplus.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.visionplus.id/

Response headers

expires: Mon, 30 Aug 2021 09:57:49 GMT
date: Mon, 30 Aug 2021 09:57:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bTiogSKxQGMputlLr/0hPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7C83 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 268744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7C83 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:23:16 GMT
x-content-type-options: nosniff
age: 509673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:23:16 GMT

GET
H2 200 adop_sdk_p4.0.1.min.js Show response
adopdmp.adop.cc/ Frame E59B 18 KB
8 KB 69ms
7ms Script
application/javascript 2600:9000:2156:5800:18:69f:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adopdmp.adop.cc/adop_sdk_p4.0.1.min.js
Requested by: Host: compass.adop.cc
URL: https://compass.adop.cc/RE/7b77764a-6a10-4c05-bef5-64c62273dcc3?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=7b77764a-6a10-4c05-bef5-64c62273dcc3&type=re&loc=https%253A%2F%2Fwww.celebrities.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5800:18:69f:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 509ad252be6b42da4d1b4c0eeaca785fd1f53b092e0e870f1fedb4ae92bf62c4

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 26 May 2021 06:32:22 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 02:38:34 GMT
server: AmazonS3
age: 8306728
etag: W/"8c7bca07717cb469b00f91427b45cca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6ml7PLqa8zNgRjqssMAwQaaC4UrA2RDKtLMsdDr_GY208avbU1BycA==

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E59B 71 KB
25 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/7b77764a-6a10-4c05-bef5-64c62273dcc3?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=7b77764a-6a10-4c05-bef5-64c62273dcc3&type=re&loc=https%253A%2F%2Fwww.celebrities.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f9fbe8e064ad627b296a9bad5d75303df37bc45c09f6d550d5266cfb1ce6124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "973 / 369 of 1000 / last-modified: 1630313496"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25214
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:49 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5DE1 0
23 B 77ms
29ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Award.png
s0.2mdn.net/sadbundle/12921970129917788491/ Frame 7C83 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12921970129917788491/Award.png

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c168be4c6d3fe655e7c5524cd9fcd5cbf4a0a23f4481840b39561ca250f5ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 22:05:44 GMT
x-content-type-options: nosniff
age: 215525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7764
x-xss-protection: 0
last-modified: Thu, 20 May 2021 10:06:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 22:05:44 GMT

GET
H3-29 200 Holidays_728x90.jpg
s0.2mdn.net/sadbundle/12921970129917788491/ Frame 7C83 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12921970129917788491/Holidays_728x90.jpg

Requested by

Host: 365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
URL: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938da2edd0413611f031c92120e4339664ff13461abb28d4713a06939764a761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12921970129917788491/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 22:05:44 GMT
x-content-type-options: nosniff
age: 215525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11833
x-xss-protection: 0
last-modified: Thu, 20 May 2021 10:06:17 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 22:05:44 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B678 0
0 58ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupcMddqgoq5PZRen4osxmL-bSKLFYULcMgmETULeuZRI2H7gt61sx214ctF-e-I0OQcMBCY4zWOqw6MIncY5CvRptXbkJalns8LmC4__Y0RWxHvhGMI9GJoN8A_12tFnbJgHyFxHrrJpjEWdz5S9WPLdA1uMaVGz0vq-HDMary84PHVwhmIureizAjcdlXtE6NHojyxI_C_B3fMn0ItE83z9TXuN3KxkJHGv5J-J1PY0jruDOxpFaJq4q0zP_ne4CXQgRYhT0PPkDheJ_w8v9Tf2RBOWZjWHszXlTipntNUCquqS9FaGtiFxJ5rthAcuDW5xioIFo&sai=AMfl-YRhJesjB_orONZo09X1CdiwgeCvjEmw4-P_LDzOpCOO7Kfw6UR_S3OhrjQ-8_vwK4PAQcMnNk60LwmtZDGl7w_aVJn7DiHAfneOrbwKSd2kf3vcLbB8xxN8KFe6yiM&sig=Cg0ArKJSzOzPh_jK0jlTEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H/1.1 200
OK collect.php
data.adop.cc/ Frame E59B 0
62 B 1080ms
265ms Image
text/plain 13.125.178.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjEwODMwMDk1NzQ4IiwiY3RyeSI6IiIsImFjaWQiOiItMjEwODMwMDk1NzQ4LWZjM2NlNzQzNjk0MTQ5OWUiLCJuZXQiOiJHb29nbGUgQU0gMzYwIiwiemlkIjoiN2I3Nzc2NGEtNmExMC00YzA1LWJlZjUtNjRjNjIyNzNkY2MzIiwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjE1OSBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjE4NS4yMzYuMjAxLjIyNiIsImZsb2MiOiJodHRwczovL3d3dy5jZWxlYnJpdGllcy5pZC8iLCJjZHQiOiIyMTA4MzAwOTU3NDgiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiQmVyaXRhJTIwQXJ0aXMlMjBJbmRvbmVzaWElMkMlMjBIb2xseXdvb2QlMkMlMjBkYW4lMjBCb2xseXdvb2QlMjBUZXJiYXJ1JTIwSGFyaSUyMEluaSUyMCU3QyUyMENlbGVicml0aWVzLmlkIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=92a8c346-b344-45c5-a54b-0b4ae0c57697&r=6eqX9jp
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.125.178.116 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-125-178-116.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H3-29 200 iframe_api Show response
www.youtube.com/ Frame 62A0 980 B
515 B 24ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/331325/4933374390/1629357604197/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H3-29 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E59B 331 KB
116 KB 57ms
55ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/528656c7/www-widgetapi.vflset/ Frame 62A0 125 KB
42 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 06:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 12387
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42804
x-xss-protection: 0
expires: Tue, 30 Aug 2022 06:31:22 GMT

GET
H3-29 200 6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js Show response
pagead2.googlesyndication.com/bg/ Frame AC44 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:21:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E59B 107 B
165 B 22ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebrities.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E59B 107 B
122 B 32ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebrities.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E59B 15 KB
9 KB 277ms
273ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3649342536971400&correlator=2530189285426225&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210830&iu_parts=223513049%3A7108725%2Cca-pub-5111137191506013-tag%2Ccelebritiesid_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=4&cookie=ID%3D263368a6cd7b49bf-22f15422dac80033%3AT%3D1630317467%3AS%3DALNI_MaApmIKIo-FUleAcq90hPGHsk94jg&cdm=www.celebrities.id&bc=31&abxe=1&dt=1630317469640&dlt=1630317468862&idt=599&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1130&adys=3140&adks=3798578870&ucis=d03b1tcfxg0f&ifi=1&ifk=4206441019&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=2&url=www.celebrities.id&loc=https%3A%2F%2Fwww.celebrities.id%2F&top=www.celebrities.id&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=51400803.1630317470&ga_sid=1630317470&ga_hid=59863187&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

9113c8aba03009541936b2156bd65daf7c090f86b2a6978346d300ce87712cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8814
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.celebrities.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6D71 6 KB
3 KB 28ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:49 GMT
expires: Tue, 30 Aug 2022 09:57:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 7x6QaCSA11Y Show response
www.youtube.com/embed/ Frame EFFE 57 KB
23 KB 190ms
189ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4f986a8353c5a2abd9f7cf9c0fafee05f7c1d8e8f8e5b2696878f85836ca57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s0.2mdn.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=8QBqTAZpQuQ; VISITOR_INFO1_LIVE=iuu3hgnFtdw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s0.2mdn.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Aug 2021 09:57:49 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+812; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9320 0
58 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv_eEnKssYb3-E_OqrATF6KiwDgAAAAA4AeAEAg&bg=!OjmlOX3NAAZOkH6FTpA7ACkAdvg8WoOtSSEQNUZ8BjAKo73V-Njgxpj1e7JmdJNB59TvEHPH8BRFzAIAAAI-UgAAABBoAQeZAw32UfHSqvOnhE9kAKs5xnPg49a3JcO7GmXetUXwbjCvPA34Qrt6lYdVTEtscygRTUGkujnFaw0pxrZ-9q7LICfHLe5tsoTeDekELFQ-Gf715e6mTp9jGCsSDSCOUwO0a4rJNHDbR9UEE6VKADnoBst6A6TQwQyfzM_AqkY1eWs06PlHuyZcl2MaO33rWpwER0JbtkqT40fhIYuS-mYJQe5DUNOPKCfldVhAkcAjT1d5bL97SUFEOdN8pB5HU_X_hiuB1_ZxUH3vnMb0wnc74ig1vfTpyyCsxoGFg8J4HHrVOerENqLZa67IuhtOSzudzEFtCoVB2FZ9tJn6roRhfIeU5gzCXBVSSjNp03kE1dtxEU6J5QxqkoJ7nMEsTnq77UGu1rJXKLDPOSO3hv17OgA7FOTKyPbbKoBuCFsqxy5Lhf-0YtU86YQsEVxATr1C5toRFI1ldJBdwOQnSUfCm9xOIiWj0CSsWXy0Pn7yxYWpZQvHq1V2N-Dzl67OMcW42msnbvGcavJH8WfQurk8xL1OybyzaMwUSFUH7v-HdnKVZZfsbldUFJWGUbiiU2pKoh9boACqxLg1ClQ4I7pKpRvIxOEowV2POFFtTX5r63cZCmp041VHWfoDJIhH3KfvO8slg1eln4Oe3jGJMlgyPFmolQ5ouc-P3lSewD1Nc0aeOMTWS6cgDGQgbkDcMX9hvxRlVL5nbjMtTRBj3jEDVrOSa4IINPPRmNzQizzf3q-H4pkoJH__1_1OYkGFTVrwW1IcB2u4n5a6bRfM1a_1GbVJnjA7zXzlUFkW3TqpB_WQgpJmGOvXD5wyIhA0iKgrJh9EJLlIbEo4timJmF0nrOuxA1JjkRP7zVrejJNswWfzSM_nQ2tqCnAZRQEd1fl_dInQjmzjQC_tB0OiBRYZ8-v1h7N1as9fVI-aimZ-NqFOXfu_W71vtZBRqN6MdfMzEfiTQqdOt8hc6_TP4blZfeUC9AaGIVeBgdjoAxX3D7uNF3K-39h2Tgc71q0ppwaBmyvavGbRbF4RnJyW4qdF

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DE1 42 B
518 B 37ms
16ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz3ZtIo9eeXT63gULOva7XM3afaYmq5CzDIK27UOUgS1WMPDOXjirndDFzoGyZb2ESIVzslRHE69sGLxOv68INl2zNgVVywa6-BTXrMZ6x4cVTm3h3mYm5ptE&sai=AMfl-YR9lrdwdOWj2qBKqQjBLjpxl7SG7ZRjywtoXBLgk6vHezyMwrt8E3WoO34XeN6B3RgVgej1-72O3BjK4_bSKqW1VUr88ytOixEgyYsSrM1Iz0KrsfkyuJalt0Gmf7Q&sig=Cg0ArKJSzGb7mBaltGCWEAE&cid=CAASFeRo6srPzGLA_lYRo-7wISBRf8rAIw&id=lidar2&mcvt=1001&p=274,315,364,1043&asp=274,315,364,1043&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=341882445&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630317468268&rpt=576&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/528656c7/ Frame EFFE 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 254178
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46217
x-xss-protection: 0
expires: Sat, 27 Aug 2022 11:21:31 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/528656c7/www-embed-player.vflset/ Frame EFFE 193 KB
64 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 06:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 10951
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65344
x-xss-protection: 0
expires: Tue, 30 Aug 2022 06:55:18 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 2 MB
498 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 169537
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510079
x-xss-protection: 0
expires: Sun, 28 Aug 2022 10:52:12 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/ Frame EFFE 8 KB
3 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 04:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 279613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 04:17:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFFE 15 KB
15 KB 19ms
4ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:18:02 GMT
x-content-type-options: nosniff
age: 488387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:18:02 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6EB 0
0 35ms
31ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=31741941313801&bg=!5uWl5aHNAAZOkH6FTpA7ACkAdvg8Wi02ZLgnEItKX9yW5UI79yb9WA4OSEdOHeMH2TmOZTHKT5V41QIAAADNUgAAABFoAQeZApiXjz0hzN3O1uxDMc4RiBlnOvXaKfhIcC7770MIDZDZFErzycCEY5cahN8gj1K4lpOh7eLwwwDMDoDaKbbE2XIVVOrC7EbT_qih08fQSZ2pELo5w5I6ryJ5WNPU8oirOdw5RCTwtoz6JXgkLtMBrNCJsqxlKwLyX4JizCh4USPYpuAoyJ3ZYdWNlXcz2sWZv3HvpHJ614jCEY841dHQGqkH-wtzymxZAO9UhrKpCTRY51erNpNtShv_fCJetCXSgFMU_8zwYBbuMZ8yj9zxvupoikezneZKuixZUtUyRamwywjN1ymtwEW-uBuVFar6YBqlYFgS4ZgDmRY1zl93jxdOQE9H8DeUsA_jqNKlc-Z_1Oml_bI5WpML8pf3M5SGagQ_bKeL7W_NXjSZKCe7S32-wlTrisbxNWmiwwsehYXeeEArrdNYqlRC2zo1hVZJF7N9R27rH8baT-SuDRiPie_3ROoEXS9JXu76iuzcdB9VgBYfUgnorQN4gxqIDMUGOVNd0JDb8ohWtbqqTItnyl4mPtSQF3v8BgbilByrC10th7miW9gM9E-USWfQDwZYWF6IIiofswpCnHb63hED5aTKSHUfTPUHSgWFnAK0WmCWnnS2HWdfMjxSuzyHNMvQmNAzH-ytp0_BueSQGnrSX7eGBMXc9y1GLcxiAf71RVDH8RZuGk1fdTzXy6iPWaLhD2CGuHxUhktZ9W1YOktfTYk7tYQO2RsNVX4hoTVaFdX1oeBii76SkdjEScrKiUmL1CwWrr-xQtP2jHFtLn1aV6JRoIxDuek-tQ-G7JzvYNILcNiCXWqvilU9LeZUOBxsf3V4EPB-w6aG86JvjaA9_UvkkowyZKdDy3RuhV0hegBOgJ6ioLaY0v94
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 container.html Show response
c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0C0 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 09:57:49 GMT
expires: Tue, 30 Aug 2022 09:57:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E59B 72 KB
27 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1476 0
172 B 14ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIY4ayKrgEwAQ&v=APEucNUTTVPSfHP6K3yfGpT9ASAq8Pi_jEkW0M22ba2LwyMqLUrABnEuf73DiuVMw2WUPXqFkJ7FiQqNgCjfu81CEQBZNCjE_g

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQt6j7zAIY4ayKrgEwAQ&v=APEucNUTTVPSfHP6K3yfGpT9ASAq8Pi_jEkW0M22ba2LwyMqLUrABnEuf73DiuVMw2WUPXqFkJ7FiQqNgCjfu81CEQBZNCjE_g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 09:57:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Aug-2021 10:12:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 30 Aug 2021 09:57:49 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E0C0 69 KB
28 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drt_x12QACe8GvnAxuFZq2BmkVbwrlV8fxYSqHirDZdqdbUtIXfD1iLrLE1nxGrxtY3iLT9dAm9KXyLosuChI8aFwt1zZP6-5WlanASlIGF77O0ddDd4kvXYpj9FzV9V_ITKisc1fDzRz23IJZxfvGOPxDkA&dbm_d=AKAmf-Dv8Bc_6VVkv6EjopYQnTBPYhOitkF-2ab6DMHANVx9vdF-HlLKoAmOndTI4x6a7zg-RYk72pAdRUjr4lpB74k7uqiw0YIKwdWhAj2RHqxCOnt3WA3W8dTzQv2svTOq2vuEGQ2LM_RrRL5vl6mBVtyOiH9Md_02MmvdqdFB1fidavLO3RIxe4jB0vC9tf37BILIDIzCku8cXYOl6wN3TcqFsEP2QHXkDRzU356H6oAc1ExpmXMgB7yu88wq34HiswYN293BwBpMMPLmCUeKcz3J_CJmqPfrj-2uCO0txnwAPWqqnfaTD-SxcJCrep4rqgz16nyG8_CckXfPlbPuv8EbejvNctDMUeaxD6u7NUv6RvQ4MpPmT7NdyTSiv5EuVQhPharIMo_fNEFBv8ZtL80Sm1TpN1VntypsH9i0qOzWu8T37h9n_8RefYLFLH6GCIMI5l57JdgYVc5Xs_bRNHxGIt2Bd8vqJSYNQpwJMxaxSfL5mR9i1sYVCoItmezsPbcD_o7U9O31nQTqVB41BdoCeZ7Y3WRLDWyt99ZrBuGhB8vx3USqsjBCgq8t08G1DQkmhSltpw0Fmau4Qz5V8Dluo9B4g8q0TXg5yqg9r6izLnU0bGy1t4CzfR_X-5nOAMTM5ll6bgJTvKS3Dq4dlubi5x9CkmmHrYjwmSsQVSQNhfw1-nA-S72YImUj4mJ1OdXSTyghtDOKxLlyDoG02r4E4Pf3KfdeRtN4yYY-Gmp1IAzxpiFuPeJqwiDpjC35Dyb43r1_Un7wkMAxhjV1Svs2xV_WCgKak4O-1Kzrs_0T3nXcuV27qcOWGSeTJ2zCOozaV2GKETlwLSKShXarHdF3a8MdGwC-glNiAdnWwyc9qKeftDiI4k1BNUe4CIH0XIPmrssX1cM91FxJbH_TzBVC7H0KWOqxGGfiormr3X-c-2L1vVr36u4UdYYz3EhF4awyNBqPy297We7bvoYlK4Nv34yVsG73qqVsbMIw_udBP0CiAKQLyNWTF4irRd0toIZyqjDjC1pvKTj1yTQVKAO03m1fnmUVL6OkVqvWBO2elpHciaSsptnwQng5kmaeqA-61oMe2yKZbIclivU5aLSt3BtAIKDX8crsM8Ez0o4FNzkYnsdYEsQ5e4IPGd0x0xhmPtRuqvGaQEQWtMyNPXL5J2kyebCtw3CA7OLKDpCY_eFhCmRD_PBxFj4NMLz0iEM7oGwZh2qzauFDcSV-KqYymJ71inOXHptHo6IzkWLtyfOnJLAMhKEWSt3QfKzDPxGHjNH6a1y2yGpMSMz-1g3cDo50aAUPZtKR4CKCDW2mjvpiHjl2u_iZOX17Oqt2xGrViGg0knuMhF5wy8uK2n29Xws4hLkkDZ1yExzcgk0yanK93OvjcapEByRxcEb3Iu2RkIWnMlJ5tIGjwfoByJpLCL16RyDYas5uQiQU7H-3pGHRgubSx6u61D3xmOBBSvaoCGycXnYuFKVfYZTh4nZjpDAcGKvO7-TJk6zuXniFDVy52TN5cvvgws3vfEV3hgQJlNEMOQ8eXw3HeEtY0V2rKSRYatZByu2ElqKJMUkDuQFZ4z4JYDBUaI0twlsPJOI5uF8LmMdGyoCv2zqT1cZUDl_e4sXpozAOhuqhwD2SnHs43Ycj_bc6fuUQLIJFFkag1ZyoAzixT8n7kdEyUolED9_wvwDMq589Lr6pC8Vl5KvSYB6faTHK2XvGp1fxk6JzY8pCY8vqguBPn4xPpmPj0wwtq2bF7atlgWGbVSi8M9YwwMOpMM9OvHJkFAAMxhvRiN7e0Jn927xYPDThgripd7gE79LcR6R_dMXwn3oLEqqjNPxowMfpv3HsM4C4VJIV5xcNZ2MrlDJcEzPYiIgtGqZk4doa82tdXfQpfkjwelaosP4wRB2xa2ENeUWVECOZYUp9ZY8t5RScCpoM5yr76bwRHTu3E9fe7UbAQxXwRpe4SYEKomsVL7i7cIxmha2bWDWchxWINfv_FlnhGLZD_a4O1LofOk4SaBAYKTnWGCN87pI9A42Wh1x3IuNwFeorYQyONuDts-Zok8W5q-ZhJ_KLjqdEW1cwnQx8yA0_U__NizhWHH1H4-iYrVGZEHkreMaAXZ8DrToYy36C7fTlI-kA-OLjkOQR9_yz7e6_m_7jAJ1Wg3ZElNTsPQkdNrw-fYCwVwANmeZuICn8R2cGHafndgrHnTvQOr1csY2GSliW-xp73zDaT7nGzmwABZWu0V4kYsH3R6mpq-xnxKezb9JhufTxRRtg9GoxQCsnbWaMyWQvatoUyNZ9mXk_ne0Z4U2ilVje4xcIgcLD0vI6Srlw_6CzjYAEkKI0YT0HKZkCfA179JtjUL_Th6KMTuDO7447zhPV-Wf_xctf6-VpraTzL1WcH7nXg-66NR-BiB8kf0t96WjSngyse-hGmS_9jhy_nteKfGcmi07F2ZCMFIgukjI6_itXhLPLaIwEK2D29EGvi_uRhQGxwFnedMf_vTu326rF_GjPA0r0ituahVlrRGCguVArlEyjLc8EFUs5i8icudkvhBZWDTNxtZJ4ZVwnsOu7aNIcksrIRvXIC2XRGf-bREtwYLi8LSKxT3zWryC0sx2HWwgIkTMluC9lucH0pg7ZZP9yE-SU_Y4l4eENfdTchxpZ5NSh7i71wCE448NUT1K_qzgJDDKiOyZx85Wd0fuqSTVbmwqr7NRQnm9aGxFQwr2p6kP6o36PbXrlIpY9YAx8mvktHGKaK7rK1Ji_af3y8KeXpQeugR48_S7Ct2lPE5de3TDHeWhysnq9ZDX69tVogGBkfGs5sLbHfbU_KDuZOV_1mkqjOjFIfO7iD8nj6VTKEKnJLtAOP5lD_nWhhseRg5sH4ERbGOL98C5Pu9NGYZ6kSnjOscQtZtpfKcgFGCTO-MCv6DG6ND-77C4&cid=CAASEuRofOOXJIuoUASr5n2drLTrzQ&rfl=3%2Chttps%253A%252F%252Fwww.celebrities.id%242%2C%2Chttps%253A%252F%252Fwww.celebrities.id%252F%240

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ea8401ab33b2033782599480d95b9e45826c4bf27d3f9d2fb6723a5b791373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0C0 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOxZmCFH4r7IYtdOgg8DHf_B5aHSiZjhvPhHlMSBrMcMj5A3RTNqU6S5yr8g2gepIUAgsNDQyjcQoWwWlBxXyDT0SjohKJ7ShkaSKhOBCDgz8O3s4

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame E0C0 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:51:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0C0 122 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame E0C0 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:52:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E0C0 0
0 15ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwLnffUhuHJy4yFLn0pGG9AuWzlLwSwJsBtlYamAA7O6q2lPmOA2abgCpy4LJ2xXXiHsCFkzCkm4XagLDzPggn8pAsHw
Requested by: Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame EFFE 113 B
161 B 14ms
14ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6abd06ca6855b2c1ee326b090f1acd2b09b9625520bc336f18a0ca091805b096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EFFE 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:42:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 892
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:58 GMT

GET
H3-29 200 mYNEq3yrhjxq8dVqMC6VBgZ3HkdmNNFSl-irZrNxscI.js Show response
www.google.com/js/th/ Frame EFFE 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mYNEq3yrhjxq8dVqMC6VBgZ3HkdmNNFSl-irZrNxscI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998344ab7cab863c6af1d56a302e950606771e476634d15297e8ab66b371b1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13363
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 08:44:38 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:18:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 182339
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7286
x-xss-protection: 0
expires: Sun, 28 Aug 2022 07:18:51 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame EFFE 82 KB
20 KB 83ms
83ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

523b30a5d64524d2cbe842097b64c0d94d2c96af79b620a763e2931ea2035840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210825.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgtpdXUzaGduRnRkdyid17KJBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20166
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
DATA 200
OK truncated
/ Frame EFFE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTY-qjCrfXl0U-9LA8AEufC9MT0K2wPp6DWJpHW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EFFE 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTY-qjCrfXl0U-9LA8AEufC9MT0K2wPp6DWJpHW=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02ef0dc4e64e5f35a7f473ee606c8b8d76060ce6ffd23235e4d06d5c064b4a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 05:58:44 GMT
x-content-type-options: nosniff
age: 14346
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: fife
etag: "v25"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Aug 2021 08:01:28 GMT

GET
DATA 200
OK truncated
/ Frame EFFE 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ad819825e50d0bbbd06835108e67ab250f345e7c3221f1c946150e89555433

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame E0C0 114 KB
39 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Aug 2021 12:38:12 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/elements/html/ Frame E0C0 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drt_x12QACe8GvnAxuFZq2BmkVbwrlV8fxYSqHirDZdqdbUtIXfD1iLrLE1nxGrxtY3iLT9dAm9KXyLosuChI8aFwt1zZP6-5WlanASlIGF77O0ddDd4kvXYpj9FzV9V_ITKisc1fDzRz23IJZxfvGOPxDkA&dbm_d=AKAmf-Dv8Bc_6VVkv6EjopYQnTBPYhOitkF-2ab6DMHANVx9vdF-HlLKoAmOndTI4x6a7zg-RYk72pAdRUjr4lpB74k7uqiw0YIKwdWhAj2RHqxCOnt3WA3W8dTzQv2svTOq2vuEGQ2LM_RrRL5vl6mBVtyOiH9Md_02MmvdqdFB1fidavLO3RIxe4jB0vC9tf37BILIDIzCku8cXYOl6wN3TcqFsEP2QHXkDRzU356H6oAc1ExpmXMgB7yu88wq34HiswYN293BwBpMMPLmCUeKcz3J_CJmqPfrj-2uCO0txnwAPWqqnfaTD-SxcJCrep4rqgz16nyG8_CckXfPlbPuv8EbejvNctDMUeaxD6u7NUv6RvQ4MpPmT7NdyTSiv5EuVQhPharIMo_fNEFBv8ZtL80Sm1TpN1VntypsH9i0qOzWu8T37h9n_8RefYLFLH6GCIMI5l57JdgYVc5Xs_bRNHxGIt2Bd8vqJSYNQpwJMxaxSfL5mR9i1sYVCoItmezsPbcD_o7U9O31nQTqVB41BdoCeZ7Y3WRLDWyt99ZrBuGhB8vx3USqsjBCgq8t08G1DQkmhSltpw0Fmau4Qz5V8Dluo9B4g8q0TXg5yqg9r6izLnU0bGy1t4CzfR_X-5nOAMTM5ll6bgJTvKS3Dq4dlubi5x9CkmmHrYjwmSsQVSQNhfw1-nA-S72YImUj4mJ1OdXSTyghtDOKxLlyDoG02r4E4Pf3KfdeRtN4yYY-Gmp1IAzxpiFuPeJqwiDpjC35Dyb43r1_Un7wkMAxhjV1Svs2xV_WCgKak4O-1Kzrs_0T3nXcuV27qcOWGSeTJ2zCOozaV2GKETlwLSKShXarHdF3a8MdGwC-glNiAdnWwyc9qKeftDiI4k1BNUe4CIH0XIPmrssX1cM91FxJbH_TzBVC7H0KWOqxGGfiormr3X-c-2L1vVr36u4UdYYz3EhF4awyNBqPy297We7bvoYlK4Nv34yVsG73qqVsbMIw_udBP0CiAKQLyNWTF4irRd0toIZyqjDjC1pvKTj1yTQVKAO03m1fnmUVL6OkVqvWBO2elpHciaSsptnwQng5kmaeqA-61oMe2yKZbIclivU5aLSt3BtAIKDX8crsM8Ez0o4FNzkYnsdYEsQ5e4IPGd0x0xhmPtRuqvGaQEQWtMyNPXL5J2kyebCtw3CA7OLKDpCY_eFhCmRD_PBxFj4NMLz0iEM7oGwZh2qzauFDcSV-KqYymJ71inOXHptHo6IzkWLtyfOnJLAMhKEWSt3QfKzDPxGHjNH6a1y2yGpMSMz-1g3cDo50aAUPZtKR4CKCDW2mjvpiHjl2u_iZOX17Oqt2xGrViGg0knuMhF5wy8uK2n29Xws4hLkkDZ1yExzcgk0yanK93OvjcapEByRxcEb3Iu2RkIWnMlJ5tIGjwfoByJpLCL16RyDYas5uQiQU7H-3pGHRgubSx6u61D3xmOBBSvaoCGycXnYuFKVfYZTh4nZjpDAcGKvO7-TJk6zuXniFDVy52TN5cvvgws3vfEV3hgQJlNEMOQ8eXw3HeEtY0V2rKSRYatZByu2ElqKJMUkDuQFZ4z4JYDBUaI0twlsPJOI5uF8LmMdGyoCv2zqT1cZUDl_e4sXpozAOhuqhwD2SnHs43Ycj_bc6fuUQLIJFFkag1ZyoAzixT8n7kdEyUolED9_wvwDMq589Lr6pC8Vl5KvSYB6faTHK2XvGp1fxk6JzY8pCY8vqguBPn4xPpmPj0wwtq2bF7atlgWGbVSi8M9YwwMOpMM9OvHJkFAAMxhvRiN7e0Jn927xYPDThgripd7gE79LcR6R_dMXwn3oLEqqjNPxowMfpv3HsM4C4VJIV5xcNZ2MrlDJcEzPYiIgtGqZk4doa82tdXfQpfkjwelaosP4wRB2xa2ENeUWVECOZYUp9ZY8t5RScCpoM5yr76bwRHTu3E9fe7UbAQxXwRpe4SYEKomsVL7i7cIxmha2bWDWchxWINfv_FlnhGLZD_a4O1LofOk4SaBAYKTnWGCN87pI9A42Wh1x3IuNwFeorYQyONuDts-Zok8W5q-ZhJ_KLjqdEW1cwnQx8yA0_U__NizhWHH1H4-iYrVGZEHkreMaAXZ8DrToYy36C7fTlI-kA-OLjkOQR9_yz7e6_m_7jAJ1Wg3ZElNTsPQkdNrw-fYCwVwANmeZuICn8R2cGHafndgrHnTvQOr1csY2GSliW-xp73zDaT7nGzmwABZWu0V4kYsH3R6mpq-xnxKezb9JhufTxRRtg9GoxQCsnbWaMyWQvatoUyNZ9mXk_ne0Z4U2ilVje4xcIgcLD0vI6Srlw_6CzjYAEkKI0YT0HKZkCfA179JtjUL_Th6KMTuDO7447zhPV-Wf_xctf6-VpraTzL1WcH7nXg-66NR-BiB8kf0t96WjSngyse-hGmS_9jhy_nteKfGcmi07F2ZCMFIgukjI6_itXhLPLaIwEK2D29EGvi_uRhQGxwFnedMf_vTu326rF_GjPA0r0ituahVlrRGCguVArlEyjLc8EFUs5i8icudkvhBZWDTNxtZJ4ZVwnsOu7aNIcksrIRvXIC2XRGf-bREtwYLi8LSKxT3zWryC0sx2HWwgIkTMluC9lucH0pg7ZZP9yE-SU_Y4l4eENfdTchxpZ5NSh7i71wCE448NUT1K_qzgJDDKiOyZx85Wd0fuqSTVbmwqr7NRQnm9aGxFQwr2p6kP6o36PbXrlIpY9YAx8mvktHGKaK7rK1Ji_af3y8KeXpQeugR48_S7Ct2lPE5de3TDHeWhysnq9ZDX69tVogGBkfGs5sLbHfbU_KDuZOV_1mkqjOjFIfO7iD8nj6VTKEKnJLtAOP5lD_nWhhseRg5sH4ERbGOL98C5Pu9NGYZ6kSnjOscQtZtpfKcgFGCTO-MCv6DG6ND-77C4&cid=CAASEuRofOOXJIuoUASr5n2drLTrzQ&rfl=3%2Chttps%253A%252F%252Fwww.celebrities.id%242%2C%2Chttps%253A%252F%252Fwww.celebrities.id%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:33:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame E0C0 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 09:51:39 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame DBFB 4 KB
1 KB 10ms
9ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1438
date: Mon, 30 Aug 2021 09:49:50 GMT
expires: Tue, 31 Aug 2021 09:49:50 GMT
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 480
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E0C0 0
52 B 47ms
47ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvyX3Q70lONEPW2wm4oibTu4y_OE9AhTGwmdRE3gD6KpdHGPAnYUS_ueGTuYDA6bBTi1cr-7BQCypXGJ0ngr8wwJglDYGVgnF07y86LvDy9F3tnKGJ3pCft3gaLcefmn9CjZ1Q5bY8J2GUeLakPvsqqApTlWaqRD02k9ucDfvcxbUYvx-F98KCZEwQLoK5ZgloAyfJUWyEfT6IgY7Kmu5bFpc_jcojSBlEzspqrvnu2yDuwB63y3Jku5sU9s9txD6jD3mcZe9XlOPGsDz-GMSMZsJx_Gj4S8Ni8shv_b-Fh-fK0klzhEwXZV-s6cP4-EIIen74M9bGkkP8WT_X9hYBnY7x3efJToCxUMaj1zWREwXUdER47HQkCeNgLC5graU5qa2SufncqHDFXH6HxjDA_rcfL3ZyiCdL9aMLH2zGKtWXzKDKFzBoZQnL8oFns0248RZ53ngxgd6_84wp_vvYfYLEqLm-8LCFTnRXe_Kvp_y7Jv9H4ZGJVianRtg9d8x19ZMSw6pq39MrbUz5tAoXCrc2hwIu8uyRK475drxL35_J2OSJh9ATpE67AczK9YGYzehgeAUj8_fYv6vS-yV_pOJmoegb3fhPG68M1WOXkPU3kx0Z9LFH3PgXkdgOZ0P9uwjjMmdTGN1YZXdaP1NBVyiXW7tF48oHHnW8hfnB_xZkCLyeU-hHBDMcl5jLKLSt6okHLYAuq_7Kd3POiB-96SO2ntOn1VaikxKOQnTDwp75_lrDsQOGk91G2CEgijSYRKYTx9lS6xguTNJ7euVl8HljlunTKLcRWgjn3G91ythSIHC09CZcjt5GX__ODtnPW-uITcye-fK_RNOBswuzxi0OzCEODamS1LNXvp6pF24q3pOz5jtYxAoZAt2ENp80JhR8IPAZ8NV_HOTo-D1ip3z7IX6pYAV78S3sZ5hGqBe9DHtlRiDlyKmQsnahfQC5ReLRGN34FXSkzaxzLto9DSMqMPru2MoGW1vMlG2DmaKrmb9nhPW2kTy-Xom8oV1uULD2qzkwFrMUMX4DniuUaUdyorNwGZam4w8c_NRnsH4yjcxatF1SCsaw2I1GFgq8LA2z5oIrYVm9_Kx8s9fhURaXdJtSeeshOf-DsBGBrAmf1dr6beHvwkERO0RoAXA&sai=AMfl-YRQoqmNImsqb1G5nZEm_AnafFiqZ8AWXBhObJqJMhI0RSfRDCPdAhC7bgZL-IRdtmNAGL69mTc6sPOtk8Z7uViFmOEB8YRqgLOS53Ke1TNKD33LiC06OhanP3w_jKksO4pfaqx0cokS6f7H8uU6T4j74gc8Ow&sig=Cg0ArKJSzFIvl2VFCy_4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=44&cbvp=1&cstd=42&cisv=r20210824.56122&adurl=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 30 Aug 2021 09:57:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 generate_204
www.youtube.com/ Frame EFFE 0
10 B 6ms
5ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?BW5oAg
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E0C0 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Aug 2022 08:44:04 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3FEC 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Aug 2021 13:41:14 GMT
expires: Mon, 30 Aug 2021 13:41:14 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 72996
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E0C0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a3d87d06ea2bcb123ea0326c452e1b9cc438618d5b5d532c99b1d3bf720d96a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B678 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIkclswyMREKxw-RpXh4FjU6dLB9YhPn2ZmFoHCp3lGsyGAeozQ_wkNQjVIj8Ux9u9zlUKMskYqqxZaTibOH5Ss72bXHeBareD-dQRFzoW0QC62zdy&sig=Cg0ArKJSzAO2zz-_KpJWEAE&id=lidar2&mcvt=1073&p=982,1130,1232,1430&asp=982,1130,1232,1430&mtos=0,1073,1073,1073,1073&tos=0,1073,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&app=0&itpl=30&adk=2214607045&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630317467673&rpt=1578&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame EFFE 0
21 B 15ms
15ms Ping
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=ugf0NhvcFTP97gTi&ei=nqssYeO_C5iA6dsPmK6d8Ao&el=embedded&docid=7x6QaCSA11Y&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24084121%2C24090769&cl=393130916&adformat=1_5&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.301:B,0.301:B&cmt=0.009:0.000,0.301:0.000&ctmp=cc:t.290;useVodTrack&afs=0.301:251::i&vfs=0.301:243:243::r&view=0.301:300:210&bwe=0.301:130000&bat=0.301:1:1&vis=0.301:0&bh=0.301:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 100 KB
101 KB 39ms
22ms XHR
video/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1630339070&ei=nqssYeO_C5iA6dsPmK6d8Ao&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ANhbQP75pmvP9nCmNd-spQH-TDXt0o2P6-s3UwVIT7fP&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=kK&mm=31%2C26&mn=sn-4g5edn6r%2Csn-5hne6nzs&ms=au%2Conr&mv=m&mvi=1&pl=47&initcwndbps=513750&vprv=1&mime=video%2Fwebm&ns=UWjy0oXa0xNTqMhvIvfxP_8G&gir=yes&clen=1036750&dur=27.600&lmt=1629420859255989&mt=1630317179&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6a0nRYuobFyJPw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAY_mJHvXczzthS29RudDHH1VKejN9HMIw8HgRpT48eECICwGgCbGGu3v91g0gca8aFuNGGDzmb8uQbRmI4PqDGTu&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfozXDKGOjFHtNWGS78c0rLdymorsgZ3GOK0ohD_ZkJkCIQDJHw9-fhWiDjuD4pvUX-0QY6akoP7Tw935V9h33T0F6w%3D%3D&alr=yes&cpn=ugf0NhvcFTP97gTi&cver=1.20210825.0.1&range=0-102633&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

099ed7fd19c3eb7395b1b74d3ce007066d3df30c883c23ed454e915d79a29def

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 09:57:50 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 102634
Last-Modified: Fri, 20 Aug 2021 00:54:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 64 KB
65 KB 25ms
8ms XHR
audio/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1630339070&ei=nqssYeO_C5iA6dsPmK6d8Ao&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ANhbQP75pmvP9nCmNd-spQH-TDXt0o2P6-s3UwVIT7fP&itag=251&source=youtube&requiressl=yes&mh=kK&mm=31%2C26&mn=sn-4g5edn6r%2Csn-5hne6nzs&ms=au%2Conr&mv=m&mvi=1&pl=47&initcwndbps=513750&vprv=1&mime=audio%2Fwebm&ns=UWjy0oXa0xNTqMhvIvfxP_8G&gir=yes&clen=401747&dur=27.621&lmt=1629420526376787&mt=1630317179&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6a0nRYuobFyJPw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgajdFQhHISW8NXRo1M01TNwUL4n6xV4083d3ZkOaCGfMCIQDymV6s9XKJRQGW5qBIiFzd6p2CFhAN1imClGQbR0zEEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfozXDKGOjFHtNWGS78c0rLdymorsgZ3GOK0ohD_ZkJkCIQDJHw9-fhWiDjuD4pvUX-0QY6akoP7Tw935V9h33T0F6w%3D%3D&alr=yes&cpn=ugf0NhvcFTP97gTi&cver=1.20210825.0.1&range=0-65852&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

059f3a39211d2205b593b73dd604ac3647331bf310f062b0962397d8a66830bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 09:57:50 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65853
Last-Modified: Fri, 20 Aug 2021 00:48:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0341aa2b26637f24e2643104996111beb5fb458194480df74f5c24ee2fe5204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 17:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 145163
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29766
x-xss-protection: 0
expires: Sun, 28 Aug 2022 17:38:27 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 63 KB
24 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eea8daf840b0cddd393b01340c8550fc46b6c23777f4007bce8d78ce949f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 143049
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24307
x-xss-protection: 0
expires: Sun, 28 Aug 2022 18:13:41 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 26 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1fdb077ce4750084871daea443f7db5e10891c0b6262c3bc31be6cd8de0e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 09:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 174459
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
expires: Sun, 28 Aug 2022 09:30:11 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame EFFE 66 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70038b4e44057ef135c02813f11b9a67fd73e9e2f7ddd97c576169531f704821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 319647
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19754
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:10:23 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame EFFE 63 KB
5 KB 350ms
350ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c36e99ece9c1ed7b9585bd99b789f301203f1d6af8fd645829055aedffbce7e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210825.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgtpdXUzaGduRnRkdyid17KJBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5405
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E65C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 30 Aug 2021 08:44:04 GMT
expires: Tue, 30 Aug 2022 08:44:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 style.css
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame DBFB 1 KB
539 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 17:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 515
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 30 Aug 2021 17:45:03 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame DBFB 110 KB
32 KB 20ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1923430
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32828
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1b8f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uddk4KZFJq264GQx%2B95pOa37HSGNVN8OFuYJaH4pezRda8HL%2BKg5OMoQaUBLtEwfYluCTxdzkhFZrB4og9fj7xk%2FPTBEGiRwMaBe%2BB%2F7lC%2BWBOfBaZ0AwHcI4PpX12MGlv4bjZEQoziZO8AjUm2rDFNc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 686d283e6bba4ebc-FRA
expires: Sat, 20 Aug 2022 09:57:50 GMT

GET
H2 200 zepto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame DBFB 25 KB
9 KB 17ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 547183
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04043-6233"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJhznJmEJYHkwQ1rnUMirgMzbzcqP%2BgqBlCS7Eq8QC6UtIUlw23ddm4MK41Ntt78XEl1Svli8PuWUiOyIIAHbVIsUQXZY98pqsD30UPl%2Bdc%2BWs395iALgGO2JdztPpzkD6HrNrTJvCitQYAA92Kd0Ih1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 686d283e6bbc4ebc-FRA
expires: Sat, 20 Aug 2022 09:57:50 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame DBFB 1 KB
547 B 13ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 07:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 523
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 31 Aug 2021 07:26:04 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EFFE 4 KB
2 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3FEC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOZsOD8UwFKjvVcQ0vHikYQ&google_cver=1&google_push=AYg5qPIQg22xBjU4sxHwD7WrLAlLuyz4fcnB-QnZpkB7LEifp98byS9kzcjZF3Tu0epOpF1g1pVa_PGlFMPAoBu1YoyqPZQCHgMg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1NjgyNjg1ODI3Nzk3NTc1Mg==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEG84ueCnh98ayD5UiwfZDZI&google_cver=1

43 B
407 B

22ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEG84ueCnh98ayD5UiwfZDZI&google_cver=1
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEG84ueCnh98ayD5UiwfZDZI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3FEC 0
104 B 131ms
64ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPRHY12eLaH7c7rag2MAWk0&google_cver=1&google_push=AYg5qPJYHKeki4bIkSUdk17Hv3zqxz9bHJhI2aYy_tv_hqIf1gHMEfJJj33NYSqg9pcE_8Ta7OvUnLNRFKWXo3zfBv3L867oCNeJ
Requested by: Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3FEC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1Ff...

43 B
425 B

179ms
171ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 686d28402a4142ee-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 16
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 686d283ecebf42ee-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELdVp1_ro54HoGHc-FLWm7o&google_cver=1&google_push=AYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLF7g6NdxWpVjTP_qufDS5UsGrJbkSYQYIKmFjJXXvJl6vfRxl2-0TTRQ9Nv669ndnCesGfIWlBnGJP959GtBvc97uW1FfHXg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FEC
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEL5KieQbOM_1xcKAVuMWMP4&google_cver=1&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCw...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCwPPJ7gn-9wtvQiNWjazsWn7D9E9BWtj3Tg&google_hm=QVMybHpLZVpJS1dfd19GUG...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCwPPJ7gn-9wtvQiNWjazsWn7D9E9BWtj3Tg&google_hm=QVMybHpLZVpJS1dfd19GUGQyMVZNcEE=

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPK466E1yswwuJMgSpZDU7BlDDmzFX2Ztkaqp6x6XCRQbT44I91T9WA-63PdYVTCwPPJ7gn-9wtvQiNWjazsWn7D9E9BWtj3Tg&google_hm=QVMybHpLZVpJS1dfd19GUGQyMVZNcEE=
Date: Mon, 30 Aug 2021 09:57:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FEC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBRsGUNeBx2tqrZT9ohozJU&google_cver=1&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-J...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBRsGUNeBx2tqrZT9ohozJU&google_cver=1&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YsWy8p5_R_WsXVwGRiqOLw&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YsWy8p5_R_WsXVwGRiqOLw&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-JihvfhIVw

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YsWy8p5_R_WsXVwGRiqOLw&google_push=AYg5qPLA9l3BasLuxdOdCj01eSWw0nKw9b89BzE1jmmVcYrwiLjm3S8SoQSF8j5WjG1HRp1STwx9L9lJhbn8Syf309Yt-JihvfhIVw
date: Mon, 30 Aug 2021 09:57:50 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3FEC
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPKh0SFE1Xsrq9J7a0djNAs&google_cver=1&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTw...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTwQz0-RhwcrLaUZoNWIxo2odHA&google_hm=NjU1NDI2...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTwQz0-RhwcrLaUZoNWIxo2odHA&google_hm=NjU1NDI2NjkzMDI2MTgzMzA5OA%3D%3D

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKMuELRAm1HUtDVvZ_HpScqeJPML_u288S6yI-WuDWQYzJiHn2CsddspvGHhFJU2SWFQEIQTwQz0-RhwcrLaUZoNWIxo2odHA&google_hm=NjU1NDI2NjkzMDI2MTgzMzA5OA%3D%3D
date: Mon, 30 Aug 2021 09:57:50 GMT
content-length: 0

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 3FEC 42 B
233 B 321ms
102ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPhyCAD9A5RgKNLC4FetLF4&google_cver=1&google_push=AYg5qPIwQ3Pn1bAM071vJe2TOQ8go0nXopUI0BipfZkwVErrN8IFo7zc1nbTf2mEYa1eCt07gpQnlv1k_BdXZu0MFGAytC80OepP9w
Requested by: Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 09:57:50 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3FEC 0
50 B 27ms
26ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnheujPpXgrWA7OldcGGEG3jLQx_eWO-hGFH9wkntPrAPxJ3jrYw2F7AxY-POfP7OAyMA_BQ

Requested by

Host: c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
URL: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 129 KB
129 KB 17ms
8ms XHR
video/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e09ee9f85f7826f1191f6fd38144eb7ed3d28bbf6a27127af40f4245567899d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132504
client-protocol: quic
last-modified: Fri, 20 Aug 2021 00:54:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/aXBWtWY6XCWFGMTLHaPHJA/ Frame EFFE 4 KB
4 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/aXBWtWY6XCWFGMTLHaPHJA/featured_channel.jpg?v=5e1e9c4e

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7635eabd992c5eb5ee4bd90eeaf3387cd8a5d6eacf0b3f41dadba312ad7b545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:03:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6887
etag: "1579064398"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3765
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:03:03 GMT

GET
H3-29 200 hero.jpg
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 49 KB
49 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/hero.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:44:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 4427
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50369
x-xss-protection: 0
expires: Tue, 31 Aug 2021 08:44:03 GMT

GET
H3-29 200 outline_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 22:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 42676
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2923
x-xss-protection: 0
expires: Mon, 30 Aug 2021 22:06:34 GMT

GET
H3-29 200 outline_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 22:25:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 41564
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2906
x-xss-protection: 0
expires: Mon, 30 Aug 2021 22:25:06 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 6 KB
6 KB 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 14:43:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 69275
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5951
x-xss-protection: 0
expires: Mon, 30 Aug 2021 14:43:15 GMT

GET
H3-29 200 copy_f1_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 8 KB
8 KB 11ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 15:02:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 68128
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8423
x-xss-protection: 0
expires: Mon, 30 Aug 2021 15:02:22 GMT

GET
H3-29 200 copy_f1_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 03:40:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 22670
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
expires: Tue, 31 Aug 2021 03:40:00 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame DBFB 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 05:52:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 12:36:23 GMT
server: sffe
age: 14732
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4036
x-xss-protection: 0
expires: Tue, 31 Aug 2021 05:52:18 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E0C0 0
23 B 30ms
30ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 69 KB
69 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1630339070&ei=nqssYeO_C5iA6dsPmK6d8Ao&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ANhbQP75pmvP9nCmNd-spQH-TDXt0o2P6-s3UwVIT7fP&itag=251&source=youtube&requiressl=yes&mh=kK&mm=31%2C26&mn=sn-4g5edn6r%2Csn-5hne6nzs&ms=au%2Conr&mv=m&mvi=1&pl=47&initcwndbps=513750&vprv=1&mime=audio%2Fwebm&ns=UWjy0oXa0xNTqMhvIvfxP_8G&gir=yes&clen=401747&dur=27.621&lmt=1629420526376787&mt=1630317179&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6a0nRYuobFyJPw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgajdFQhHISW8NXRo1M01TNwUL4n6xV4083d3ZkOaCGfMCIQDymV6s9XKJRQGW5qBIiFzd6p2CFhAN1imClGQbR0zEEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfozXDKGOjFHtNWGS78c0rLdymorsgZ3GOK0ohD_ZkJkCIQDJHw9-fhWiDjuD4pvUX-0QY6akoP7Tw935V9h33T0F6w%3D%3D&alr=yes&cpn=ugf0NhvcFTP97gTi&cver=1.20210825.0.1&range=65853-136761&rn=4&rbuf=4506

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

deb054fc409ce7b87cf5c802d26e0241ef5799e836b28572ea8c7838a48cc134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70909
client-protocol: quic
last-modified: Fri, 20 Aug 2021 00:48:46 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E59B 11 KB
8 KB 24ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70335bc5e782d65f0586ac6b8ef5dbc684d248f2431dc65262ed4c8387bc2f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8551
x-xss-protection: 0

GET
H3-29 200 6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js Show response
pagead2.googlesyndication.com/bg/ Frame E65C 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:21:09 GMT

GET
H3-29 200 videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 142 KB
142 KB 9ms
8ms XHR
audio/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1630339070&ei=nqssYeO_C5iA6dsPmK6d8Ao&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ANhbQP75pmvP9nCmNd-spQH-TDXt0o2P6-s3UwVIT7fP&itag=251&source=youtube&requiressl=yes&mh=kK&mm=31%2C26&mn=sn-4g5edn6r%2Csn-5hne6nzs&ms=au%2Conr&mv=m&mvi=1&pl=47&initcwndbps=513750&vprv=1&mime=audio%2Fwebm&ns=UWjy0oXa0xNTqMhvIvfxP_8G&gir=yes&clen=401747&dur=27.621&lmt=1629420526376787&mt=1630317179&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6a0nRYuobFyJPw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgajdFQhHISW8NXRo1M01TNwUL4n6xV4083d3ZkOaCGfMCIQDymV6s9XKJRQGW5qBIiFzd6p2CFhAN1imClGQbR0zEEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfozXDKGOjFHtNWGS78c0rLdymorsgZ3GOK0ohD_ZkJkCIQDJHw9-fhWiDjuD4pvUX-0QY6akoP7Tw935V9h33T0F6w%3D%3D&alr=yes&cpn=ugf0NhvcFTP97gTi&cver=1.20210825.0.1&range=136762-281844&rn=5&rbuf=9382

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

36e5314743a4c2d4585d38ff69472e3152ccf589e8d6ae92ba25285d000b8c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145083
client-protocol: quic
last-modified: Fri, 20 Aug 2021 00:48:46 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E59B 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 200 videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 478 KB
478 KB 12ms
6ms XHR
video/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

28594f470644a16e7e157018f3151bdff9932481db7b9579f1c1857df684e652

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:50 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 489071
client-protocol: quic
last-modified: Fri, 20 Aug 2021 00:54:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 09:57:50 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame EFFE 0
19 B 18ms
18ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=ugf0NhvcFTP97gTi&docid=7x6QaCSA11Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7x6QaCSA11Y%3Fiv_load_policy%3D3%26enablejsapi%3D1%26playsinline%3D1%26autoplay%3D1%26mute%3D1%26fs%3D0%26adformat%3D1_5%26color%3Dwhite%26loop%3D1%26playlist%3D7x6QaCSA11Y%26widget_referrer%3Dhttps%253A%252F%252F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%252F%26origin%3Dhttps%253A%252F%252Fs0.2mdn.net%26widgetid%3D1&cmt=0.07&ei=nqssYeO_C5iA6dsPmK6d8Ao&fmt=243&fs=0&rt=0.615&of=58U00nVrmKnA3BeBHnYMMA&adformat=1_5&euri=https%3A%2F%2Fs0.2mdn.net%2F&lact=640&cl=393130916&mos=1&vm=CAEQABgEOjJBS1JhaHdDaWdmaGpCWnZUWS0zeFZjTk5idVFXMURacEhOY2EtVUJhM2tmcVAtLW84Z2JSQVBta0tESjVSN2s2aWxuTGpMQy1HcEtDT3hjaXluZTFzZjZIT0lDVmlYV3c5WVhwaHN6VXhKWjFkcHkya1NOLWRibjkwUFJrb2kzaEV0RnZMdw&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=27.621&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24084121%2C24090769&rtn=3&list=TLGGHv-K-AjwH6IzMDA4MjAyMQ&afmt=251&size=300%3A210&inview=0&muted=1

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame EFFE 0
21 B 18ms
17ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=7x6QaCSA11Y&cpn=ugf0NhvcFTP97gTi&ei=nqssYeO_C5iA6dsPmK6d8Ao&ptk=youtube_single&oid=N4eEHPDd2YmpeE9B3TyXEw&ptchn=aXBWtWY6XCWFGMTLHaPHJA&pltype=content

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E1D2 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 30 Aug 2021 09:43:09 GMT
expires: Tue, 30 Aug 2022 09:43:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CAF0 783 B
533 B 17ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9819376d0e610916c75df4e1236e634e1c31d0f0a2ea861cd717f83d4eb265cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Xan0Ff8+z1WFnt5IkzZGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

expires: Mon, 30 Aug 2021 09:57:50 GMT
date: Mon, 30 Aug 2021 09:57:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5Xan0Ff8+z1WFnt5IkzZGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js Show response
pagead2.googlesyndication.com/bg/ Frame E1D2 34 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:21:09 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E65C 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BupJInassYdztO5yy3gPQ-pXwAwAAAAA4AeAEAg&bg=!fX6lfjrNAAZOkH6FTpA7ACkAdvg8Wsv0Ke1b1H-l4QJ6SX7DqC82c9lK_dv2htAsB4b7S-s6cWVlEwIAAAEKUgAAACFoAQeZAwUI3Vwfvbtla7MriVSsCcHSiVlOhTt6zy8jCMF5RngHrG-yrUy4KkuxdrSTLEy46AL3N9zAsY0rvVIOB1TvbkoP7F72_bdZxqCm2F6ehZqu3RKpRJvx5cJpm8IT_lGlMA7NciS4KStX6FXGD3Goy1r_MgApkL8RjR6CgwCtYlebQnEp-rgeCZ9x4YpfhLnLzIGE8YZclhfjO9aHSiXsko8yvhdbhHJIXkMpMByhDOY2orQ3H3bHD8kLIEZ5ozYMzpPy5HtG_sF0JwWT7NzroWmFp_79HOy9oq1AubB7uIQgy_9rr6XoUxYfj9Y2lldwWDfzVUKdBkneg6FvGmgB_IbwCPs1mZO5KdWi-4qL79LcO57OSyUARYAJ6dACIYa3C6_GuOj7qJHxlV5IrLFFTeTrlHvsqCnWEiPqguuPc28yxGGXKT096voCymV9W2Jh4tWqzqPRsB7da5G8adht-J6Un-B8_Cu_-GFIVaLF2KV2npdW8OMww6o2Za--M5uewbFWNAT2O2YafFqG4TuZKlzy8Ho8KUTLg7s3L-NfEDBu0GD0ZVTrYIN4gf0XBsjXxX_5aSO8OYScWeYYU62Fpw1xPClvuYmnfF1KvyCq034czhH198S8sTb6_NGbgX37WtT--EIc2cS9HRuTBpJtbAmMqzKpPnNUJWeTyhNyXtfO4cuttOEDTsFEhOMqmA9rdV89xrbGE-VhrY1nGI5TwZP93hQK5xZDm6SoI3_LEigX_UqS3yZpKFjhYObv96Q6q_iJfoyKrXDlX-dNjSliNkeQJ7n1X9mcqvEC_ChYawTOEDP7fmHfWjmkasW8Rd-kEUmnN2e3V6Ui04xjm4cR4xpk7Bq5evSuGZq2oVA5ftUak5PDgcq5T5_52CHcaKv7I25IKsmFWyKbK3bkKxbXXQKR2GgRDUlmaDF0qE8bdbUnI5bp0qJ4yhpArT2fpqf2Er_K5sx3NxtQ1kzdBQeeDZpdT-Uwfkq_LY74XefzfxHBkSTTknDqJKBEM07p52c7_zrTIfr6Yg

Requested by

Host: www.celebrities.id
URL: https://www.celebrities.id/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E59B 0
0 25ms
25ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=3649342536971400&bg=!fn2lfTnNAAZOkH6FTpA7ACkAdvg8WokPqv366sDoaA3VhqDG7XFe2cQyC8PdoFxaL6LeOwSc5lXPwgIAAACJUgAAAA1oAQeZArqtN92_yWSR_S7iG0NPdO6SzZDemisk-C7sudXsqVLTDZdUTW3tgUFqyUSEZVs3npszzN0gfyGPMs_iuVtBoczic7okbP4EibDCcIz08-ymmqfEZjGTVrHJXdyAf_DatZeTR9MnYlLkiK9yQyrJ9a1iUY5MJbBhX8-wPwJeR8rKO0ZH1aiHSMmZuIYnVV1uj8Cq6WAZbGCJLht9M01byyUa1bqxWtrC18m6ZYM1_SB6hQuCpMMZeF2tQGmAUwFqR6968ZnIqGWlnBQxY2mmccp9BirFeQZ-VKWaxWKT80THVhawIeutosauETACTcm9tRvoof_H_Qsm2uDfzjPCBGtRcNXUDaQ6LOHlR7YWT8qbXmyIgsnASJQHywHf05pVHL9tqBQHR1RlgDf02qc3m7oP5p_LUpFT95N-v-BJ-DIcXy68kqZ_CVrZrYwMFI833_ODjpc2PmyhqTx2fQa1MpGwy9J3R7B0Qm479RVoZlnLfPrubbK2LNSjm9WgTQ0RxrJiZYKe8_pElJrcZbxOhP6elDHaNmCydjyq6Qv2Mbj0EommedxwaQc7SFPtQRViDDFUHxcbRQkTWue4_O-oS05dVF2toG7LfheiEdo03HuaDeNxAtm7LbkNE0TvjIs0xhrd08F7HCdZbVvqMJyZ22Usl56pBfZcTfV-8O0sKUgBfxTrJuzHv4vpwL009ZZtxpu2GGmCH_15soAQs8duq5Vcn3gEvCkwXDuhpVmJqXcvFGZZwpSV92T6KFRbsSJFscgu5UPT2gud_EwcW2DuTI91A7jSHOIXPbR_RlKdvrwx8xL11m-rAsLIaVFloN1cQJg_8JFei70QN1KKzPN_iEYo_5BDV0PuLxnyU8pWfPiQx07kYveYCmnUKTqcHQx9x8mV_l993bxz-4NSacI_3widVGBANOSNFFIx-Q
Requested by: Host: www.celebrities.id
URL: https://www.celebrities.id/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EFFE 28 B
64 B 21ms
20ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtpdXUzaGduRnRkdyid17KJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630317469933&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C210&vis=1&wgl=true&ca_type=image&bid=ANyPxKof5SEz6OuihIdW-hUlAE_OQwTEvNF_3uAdFKZ_u6N-H2xz22LzOI30QegbqUFxA1t6ASU53p_TT1RzJe69jIUGspH_yw

Response headers

date: Mon, 30 Aug 2021 09:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:52 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

189b5dc3e6a549d1b31374a9d46293428c3773fee64410a712b4203fda2b7260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 09:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8449
x-xss-protection: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/9013027/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

12ms
11ms

Script
application/javascript

13.224.93.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-76.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:35:09 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: eD7eC_Ior2Ntrpct77Fmhb2YI9dkodVMKknJ39KowHLgqH9EXR5Kfg==

Redirect headers

date: Mon, 30 Aug 2021 09:57:52 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: HbGqgFBi_fASKrJuY2HSjD8B-Ih5kzJdOKOEJa0PvLBTbad4MlcVsA==

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E068 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 30 Aug 2021 09:43:09 GMT
expires: Tue, 30 Aug 2022 09:43:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86A5 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

217e8e1863ab90f92bc29cc3cb3f19dc343eb4a92b32d96151a47dda0439ec59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hI6+WHLj36RCANqxRtdtJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebrities.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.celebrities.id/

Response headers

expires: Mon, 30 Aug 2021 09:57:52 GMT
date: Mon, 30 Aug 2021 09:57:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hI6+WHLj36RCANqxRtdtJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js Show response
pagead2.googlesyndication.com/bg/ Frame E068 34 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:21:09 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 33ms
33ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=3214022336821162&bg=!Xl2lXRnNAAZOkH6FTpA7ACkAdvg8WspznwyTKjEGYdGu_BqmF2gl53VLOlCvfYPHEPir2w9AuXOPTAIAAACRUgAAAAxoAQeZAnB0VkhttG5KlURnOY0CWHsKXbyoR561OTHVSLFtAs1iFX-QbXTK6_BYonc2HzDBnjRNhs3hCuGeQMAnH4NenH4XpovFOX86OPCTQ4mnQV9rBHH-mMtzPLlgxDr-gsm2Uu5Vr5h9FLC5baaH-vui_XwxX6hMUm-5sj_0kdEF0mAW5y99D8uVNqAz-BsXqcXgmSM9b4HeJxNNAJVj8hpKcKOLV8EcE_Mbe7YIiB_d_ye_hXBZHs-djFrag9PZ5WP-APK6azflRP8uHF-ZX27BnuZGwJbaDndLGtm34qxPp-LChULG0Yr395WQEiH9rgK8xYuTQWe6QXBBstzWifM7NQIQmgAGs1Wgr7inaPCZC6LjQLq5RpdYIE1dwS9fkhdcuyit19QoxWQE2_NG3Ako8OpTUqUikW_8bfeFvLou7rjU8aBOOdoYnlxTHQByj9MB364ZfN3hCJsCkbDB5W75RKB75U04jE-YzibCfJku9NUdLnL93CEvrFDNbk0xR_b29xFbMQ7cWSqfEtST3tqXIpZWv0dG9HDqZoGObUXNJWCHSlW-8ndYchxd3oLplBx4ohdkSap_vV_dFcjTn7YQay2jJQwiLl5YhOpcAIRWYTVCnhaEDMPTPKn7p4R4KKjflenw3dDzUq9u2WocanCtitqbiSHmcUCV9p-L2sJX0uV2oS-AAz7YjSniCOu9GQG0WcGvYn7UhyEZWzmHa_Y-2qHrQkDiUO7H27EpxccRD5B_N4efFbthTguiNYvZOEDOxyQOUWKqqLHTXy1tIhIej1Er00vLdH0aBDvW0oS8KQhH14OUW-uIJ22sIsgez2-oMUc
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.celebrities.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame EFFE 0
21 B 14ms
14ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=ugf0NhvcFTP97gTi&docid=7x6QaCSA11Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7x6QaCSA11Y%3Fiv_load_policy%3D3%26enablejsapi%3D1%26playsinline%3D1%26autoplay%3D1%26mute%3D1%26fs%3D0%26adformat%3D1_5%26color%3Dwhite%26loop%3D1%26playlist%3D7x6QaCSA11Y%26widget_referrer%3Dhttps%253A%252F%252F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%252F%26origin%3Dhttps%253A%252F%252Fs0.2mdn.net%26widgetid%3D1&cmt=2.46&ei=nqssYeO_C5iA6dsPmK6d8Ao&fmt=243&fs=0&rt=3.001&of=58U00nVrmKnA3BeBHnYMMA&adformat=1_5&euri=https%3A%2F%2Fs0.2mdn.net%2F&lact=3026&cl=393130916&state=playing&vm=CAEQABgEOjJBS1JhaHdDaWdmaGpCWnZUWS0zeFZjTk5idVFXMURacEhOY2EtVUJhM2tmcVAtLW84Z2JSQVBta0tESjVSN2s2aWxuTGpMQy1HcEtDT3hjaXluZTFzZjZIT0lDVmlYV3c5WVhwaHN6VXhKWjFkcHkya1NOLWRibjkwUFJrb2kzaEV0RnZMdw&volume=100%2C100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=28&rtn=13&list=TLGGHv-K-AjwH6IzMDA4MjAyMQ&afmt=251&idpj=-8&ldpj=-24&rti=3&size=300%3A210&inview=0&st=0%2C0.07&et=0.07%2C2.46&muted=1%2C1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:53 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 delayplay
www.youtube.com/api/stats/ Frame EFFE 0
22 B 15ms
14ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=ugf0NhvcFTP97gTi&docid=7x6QaCSA11Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7x6QaCSA11Y%3Fiv_load_policy%3D3%26enablejsapi%3D1%26playsinline%3D1%26autoplay%3D1%26mute%3D1%26fs%3D0%26adformat%3D1_5%26color%3Dwhite%26loop%3D1%26playlist%3D7x6QaCSA11Y%26widget_referrer%3Dhttps%253A%252F%252F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%252F%26origin%3Dhttps%253A%252F%252Fs0.2mdn.net%26widgetid%3D1&cmt=4.194&ei=nqssYeO_C5iA6dsPmK6d8Ao&fmt=243&fs=0&rt=4.734&of=58U00nVrmKnA3BeBHnYMMA&adformat=1_5&euri=https%3A%2F%2Fs0.2mdn.net%2F&lact=4760&cl=393130916&mos=1&vm=CAEQABgEOjJBS1JhaHdDaWdmaGpCWnZUWS0zeFZjTk5idVFXMURacEhOY2EtVUJhM2tmcVAtLW84Z2JSQVBta0tESjVSN2s2aWxuTGpMQy1HcEtDT3hjaXluZTFzZjZIT0lDVmlYV3c5WVhwaHN6VXhKWjFkcHkya1NOLWRibjkwUFJrb2kzaEV0RnZMdw&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=28&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24084121%2C24090769&list=TLGGHv-K-AjwH6IzMDA4MjAyMQ&afmt=251&size=300%3A210&inview=0&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 atr Show response
www.youtube.com/api/stats/ Frame EFFE 0
56 B 17ms
17ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ugf0NhvcFTP97gTi&docid=7x6QaCSA11Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7x6QaCSA11Y%3Fiv_load_policy%3D3%26enablejsapi%3D1%26playsinline%3D1%26autoplay%3D1%26mute%3D1%26fs%3D0%26adformat%3D1_5%26color%3Dwhite%26loop%3D1%26playlist%3D7x6QaCSA11Y%26widget_referrer%3Dhttps%253A%252F%252F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%252F%26origin%3Dhttps%253A%252F%252Fs0.2mdn.net%26widgetid%3D1&cmt=4.605&ei=nqssYeO_C5iA6dsPmK6d8Ao&fmt=243&fs=0&rt=5.145&of=58U00nVrmKnA3BeBHnYMMA&adformat=1_5&euri=https%3A%2F%2Fs0.2mdn.net%2F&lact=5170&cl=393130916&mos=1&vm=CAEQABgEOjJBS1JhaHdDaWdmaGpCWnZUWS0zeFZjTk5idVFXMURacEhOY2EtVUJhM2tmcVAtLW84Z2JSQVBta0tESjVSN2s2aWxuTGpMQy1HcEtDT3hjaXluZTFzZjZIT0lDVmlYV3c5WVhwaHN6VXhKWjFkcHkya1NOLWRibjkwUFJrb2kzaEV0RnZMdw&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=28&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24084121%2C24090769&list=TLGGHv-K-AjwH6IzMDA4MjAyMQ&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1630317470023&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C210&vis=1&wgl=true&ca_type=image&bid=ANyPxKof5SEz6OuihIdW-hUlAE_OQwTEvNF_3uAdFKZ_u6N-H2xz22LzOI30QegbqUFxA1t6ASU53p_TT1RzJe69jIUGspH_yw

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 305 KB
306 KB 8ms
7ms XHR
video/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

15bb591f3d48b304e80e558ec5f0f97f56105430941e7290224a6fed2143f8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 09:57:55 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 312541
Last-Modified: Fri, 20 Aug 2021 00:54:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21295
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 30 Aug 2021 09:57:55 GMT

GET
H3-29 200 videoplayback Show response
r1---sn-4g5edn6r.googlevideo.com/ Frame EFFE 117 KB
117 KB 7ms
7ms XHR
audio/webm 2a00:1450:4001:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1630339070&ei=nqssYeO_C5iA6dsPmK6d8Ao&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ANhbQP75pmvP9nCmNd-spQH-TDXt0o2P6-s3UwVIT7fP&itag=251&source=youtube&requiressl=yes&mh=kK&mm=31%2C26&mn=sn-4g5edn6r%2Csn-5hne6nzs&ms=au%2Conr&mv=m&mvi=1&pl=47&initcwndbps=513750&vprv=1&mime=audio%2Fwebm&ns=UWjy0oXa0xNTqMhvIvfxP_8G&gir=yes&clen=401747&dur=27.621&lmt=1629420526376787&mt=1630317179&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6a0nRYuobFyJPw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgajdFQhHISW8NXRo1M01TNwUL4n6xV4083d3ZkOaCGfMCIQDymV6s9XKJRQGW5qBIiFzd6p2CFhAN1imClGQbR0zEEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfozXDKGOjFHtNWGS78c0rLdymorsgZ3GOK0ohD_ZkJkCIQDJHw9-fhWiDjuD4pvUX-0QY6akoP7Tw935V9h33T0F6w%3D%3D&alr=yes&cpn=ugf0NhvcFTP97gTi&cver=1.20210825.0.1&range=281845-401746&rn=8&rbuf=14057

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cdd8f285fcbe2205f56837f0474b7a873726fca4b09cbad8d7589b6d74e8c9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:57:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119902
client-protocol: quic
last-modified: Fri, 20 Aug 2021 00:48:46 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Aug 2021 09:57:56 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EFFE 28 B
63 B 17ms
17ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtpdXUzaGduRnRkdyid17KJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630317470023&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C210&vis=1&wgl=true&ca_type=image&bid=ANyPxKof5SEz6OuihIdW-hUlAE_OQwTEvNF_3uAdFKZ_u6N-H2xz22LzOI30QegbqUFxA1t6ASU53p_TT1RzJe69jIUGspH_yw

Response headers

date: Mon, 30 Aug 2021 09:57:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Aug 2021 09:57:57 GMT

GET
H2 200 dc_oe=ChMIvbzI7L3Y8gIVcxWLCh1FNArmEAAYACCr5J5IQhMI152E7L3Y8gIV0zDgCh1p-wzm;met=1;&timestamp=1630317479361;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5DE1 42 B
515 B 100ms
53ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvbzI7L3Y8gIVcxWLCh1FNArmEAAYACCr5J5IQhMI152E7L3Y8gIV0zDgCh1p-wzm;met=1;&timestamp=1630317479361;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:57:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame EFFE 0
56 B 14ms
14ms Ping
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=ugf0NhvcFTP97gTi&ei=nqssYeO_C5iA6dsPmK6d8Ao&el=embedded&docid=7x6QaCSA11Y&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24084121%2C24090769&cl=393130916&adformat=1_5&seq=2&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&user_intent=0&cmt=0.611:0.070,1.362:0.822,10.001:9.461&vps=0.611:PL,10.001:PL&bwm=10.001:1438497:0.443&bwe=10.001:3493088&bat=10.001:1:1&bh=10.001:27.600&df=10.001:1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:58:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMInLCt7b3Y8gIVHJl3Ch1QfQU-EAAYACDY6JBJQhMI3Myb7b3Y8gIVqOi7CB0syQjJ;met=1;&timestamp=1630317480603;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E0C0 42 B
107 B 53ms
53ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInLCt7b3Y8gIVHJl3Ch1QfQU-EAAYACDY6JBJQhMI3Myb7b3Y8gIVqOi7CB0syQjJ;met=1;&timestamp=1630317480603;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 watchtime
www.youtube.com/api/stats/ Frame EFFE 0
54 B 14ms
14ms Image
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=ugf0NhvcFTP97gTi&docid=7x6QaCSA11Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F7x6QaCSA11Y%3Fiv_load_policy%3D3%26enablejsapi%3D1%26playsinline%3D1%26autoplay%3D1%26mute%3D1%26fs%3D0%26adformat%3D1_5%26color%3Dwhite%26loop%3D1%26playlist%3D7x6QaCSA11Y%26widget_referrer%3Dhttps%253A%252F%252F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%252F%26origin%3Dhttps%253A%252F%252Fs0.2mdn.net%26widgetid%3D1&cmt=12.46&ei=nqssYeO_C5iA6dsPmK6d8Ao&fmt=243&fs=0&rt=13&of=58U00nVrmKnA3BeBHnYMMA&adformat=1_5&euri=https%3A%2F%2Fs0.2mdn.net%2F&lact=13026&cl=393130916&state=playing&vm=CAEQABgEOjJBS1JhaHdDaWdmaGpCWnZUWS0zeFZjTk5idVFXMURacEhOY2EtVUJhM2tmcVAtLW84Z2JSQVBta0tESjVSN2s2aWxuTGpMQy1HcEtDT3hjaXluZTFzZjZIT0lDVmlYV3c5WVhwaHN6VXhKWjFkcHkya1NOLWRibjkwUFJrb2kzaEV0RnZMdw&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=DE&len=28&rtn=23&list=TLGGHv-K-AjwH6IzMDA4MjAyMQ&afmt=251&idpj=-8&ldpj=-24&rti=13&size=300%3A210&inview=0&st=2.46&et=12.46&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7x6QaCSA11Y?iv_load_policy=3&enablejsapi=1&playsinline=1&autoplay=1&mute=1&fs=0&adformat=1_5&color=white&loop=1&playlist=7x6QaCSA11Y&widget_referrer=https%3A%2F%2F365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com%2F&origin=https%3A%2F%2Fs0.2mdn.net&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 09:58:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rstatic.akamaized.net
URL: https://rstatic.akamaized.net/fta_rcti/logo/placeholder.jpeg

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 06:13:33	Name: IDE Value: AHWqTUlOlsLRLUgghzL3GAGfxII-6zFqvFd0RK_ZHDJPN21y3CthIH3RXWQVEEhd
			.celebrities.id/	1970-01-20 06:13:33	Name: __gads Value: ID=263368a6cd7b49bf:T=1630317467:S=ALNI_MbhOXHRqXdQQr11X-MTaVfwFRBxGQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.visionplus.id/watch/video/widget-dark.html?fr=cb(Line 189) Message: params ==> [object Object]
console-api	log	URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js(Line 32) Message: 3.75

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .celebrities.id .mnctv.com .okezone.com .sindonews.com .inews.id real.rctiplus.com pwa.rctiplus.com ssr.rctiplus.com dev-ssr.rctiplus.com rc-ssr.rctiplus.com rctiplus.com dev-pwa.rctiplus.com rc-pwa.rctiplus.com dev.rctiplus.com rc.rctiplus.com dev-news.rctiplus.id rc-news.rctiplus.id news.rctiplus.id m.rctiplus.com rc-webm.rctiplus.com .mncgroup.com .mnctrijaya.com mnctrijaya.com .gtv.id .jobsmnc.co.id mnc-insurance.com .mnclife.com *.sin.do dashboard.vidy.com vidy//-
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d095d4de81945618c6db330692e71f7.safeframe.googlesyndication.com
365c410b9a8b09188a14b345f827c85b.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ade.googlesyndication.com
adopdmp.adop.cc
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.rctiplus.com
backfills.ph.affinity.com
c4ff91f9d600b3b4be23945d6a99f241.safeframe.googlesyndication.com
cdn.bukamatanews.id
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
compass.adop.cc
data.adop.cc
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
img.celebrities.id
match.360yield.com
pagead2.googlesyndication.com
r.turn.com
r1---sn-4g5edn6r.googlevideo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rstatic.akamaized.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.adriver.ru
static.doubleclick.net
static.mncnow.id
static.republika.co.id
stats.g.doubleclick.net
tpc.googlesyndication.com
visionplus.id
www.celebrities.id
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rctiplus.com
www.visionplus.id
www.youtube.com
yt3.ggpht.com
rstatic.akamaized.net
13.125.178.116
13.224.93.123
13.224.93.26
13.224.93.76
142.250.184.226
142.250.185.162
142.250.186.130
143.204.98.68
148.72.153.139
172.217.23.98
174.137.133.49
18.157.193.56
185.86.139.93
2.18.234.21
2001:678:cb4:bbbb::11
202.147.193.147
202.147.193.157
23.111.9.64
2600:1f16:bc:1200:12c9:9b3f:59c2:c9a1
2600:9000:2156:5800:18:69f:d880:93a1
2606:4700:10::6816:21af
2606:4700:10::6816:2cd3
2606:4700:3033::6815:ded
2606:4700::6810:125e
2606:4700::6812:d05
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:e::6
2a00:1450:400c:c06::9b
2a02:26f0:6c00::210:ba22
2a02:fa8:8806:12::1400
47.246.43.227
81.222.128.214
00837ac2548b0490ce3c9074494590017ddd282318a842780b90050e1743335d
02ef0dc4e64e5f35a7f473ee606c8b8d76060ce6ffd23235e4d06d5c064b4a5d
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
059f3a39211d2205b593b73dd604ac3647331bf310f062b0962397d8a66830bd
08e9fa6f89f27bf0c7873b646e795c101552b7784759b7093390246dced5f627
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
099ed7fd19c3eb7395b1b74d3ce007066d3df30c883c23ed454e915d79a29def
0a5742e2d705210e21bf2a7ddbcd792baa551689aa45c03edbe89886aba787c0
0ac8ab7f90ba98eb6d59983b09d5e01e30159a638e6d29128bdc04872890f5c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d980578554151c34bc4e73b3e73f6b33b6bc726927ca49544de80e62805a398
0dc4844afd53b83d55ac46c02d2ce1bcd5324d2e4c406be4c7a44b2d70b59c1d
0dee1b91d9349b743141fa228783f87e02fc2be7996251972f1813788d799482
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15bb591f3d48b304e80e558ec5f0f97f56105430941e7290224a6fed2143f8af
16611b345bbc58d2c621e71f9ade0e93c34ad82b702202b4906f7e18309be6ee
16999b5ac31a53bf0ce2bcd42316113ee7c09404190ea4582512ec51477e4966
17cdf4aa92406d8526415ad620b80f4630d036a13438a28754bd5f60be01ac82
17d7c12506153bc4ddaaadb96bca0e8fb9b94e30ed605fd3ee636cbefcc039db
18894931a6a8e57be3d62c9fbc2c563aa14b1e0a606574892e71b6c986557480
189b5dc3e6a549d1b31374a9d46293428c3773fee64410a712b4203fda2b7260
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1db64f44a52b90c2efa7721ae6c60b811e54d7577cc62da0ced65681d1a75106
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72
1feb0419db2624bbc7272f0c0acc97ee84acb48c7e6d444a5f973fef67a0a181
1ff5a99b881a72f25dc80a7e9096736288c5eece39b50349cffed0857405fc87
2095f3023e5c8717fec24d0fc044e435d1ad077544a00f5d4194085b17a56b27
217e8e1863ab90f92bc29cc3cb3f19dc343eb4a92b32d96151a47dda0439ec59
22b488856f928e6994535d507aee898a9c8d32b23c1e35aa8e8a79c0823ace6b
23b13db9d37d9e1f596d2ce603ee299f11eb8f4532d8d876b689e64b42ea4819
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
27ed1693e453fde2f1b355d808bc61307c6041ac03a5faaf5ce6a70673f608d2
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
28594f470644a16e7e157018f3151bdff9932481db7b9579f1c1857df684e652
295fcbd1064ce4bb952dad41d6f4587106396e28efeff9da70ee82270cc04eb4
29e5689426719aa1c3ba710129511bc9eec4ac17fcf943c1aa14d4433dbbb5eb
2a1ec7352d803617f674dde77d88b2a1b5aae528bf329fe6bb50a0483fa3e114
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d6e812cc651e24c39e2d6f73c0cdeceddffe9f3b285e6cd25ed820104bf3bee
2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab
2ee45bdbda623e1673c5e6a21a6a7104725ca0b276fbfa98215a2d21b882805e
2f85cb25fd27073a73550affd050eb97db90b8472d2c3ff7ec405c890876b37b
2f9fbe8e064ad627b296a9bad5d75303df37bc45c09f6d550d5266cfb1ce6124
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
32d0fdf19a843ade02b57a836592c64b21468db1d8851e40eb234761ae3eeb26
363c3bc1ac19ffc068c4dba32517a4a40cabfd704270b42fc9283f10bba3c269
36e5314743a4c2d4585d38ff69472e3152ccf589e8d6ae92ba25285d000b8c70
383c76994b3c50b0596858a668f987c6aecef5ac739636f504d8bfe26be8f42b
39ad819825e50d0bbbd06835108e67ab250f345e7c3221f1c946150e89555433
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f74fd19d40d63cd84300374b85569977308c408d07971d63160c1a2c2f3a4f
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
43825f37f7e40683ee445d67694a9da47013b9d36e40d8c8d2db7a2518fd6930
4425a1d0673859a098bbe515681147bdca5ed3062f98ba74bd7b372024098bd8
4475283f8579db9c45fda75116c0de1fff190cd7af01f3ad1541c0ca4e1b4259
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491430c9085ac480842f5a4755dd800f62fdf3bcf39cedc8ed67622a39acc9c5
4ac4bfde5635c1dd8367076d6e5d88a7206d841171e28a52435a0e48d9346236
4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94
4d8d71d893ea2edf609623b6f3d1b8ba6c8e81d24a6d5071d0abf2837093cee1
4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509ad252be6b42da4d1b4c0eeaca785fd1f53b092e0e870f1fedb4ae92bf62c4
523b30a5d64524d2cbe842097b64c0d94d2c96af79b620a763e2931ea2035840
527a5b41bd0b1439e40087f9912b527ab67e1d6aedd1f83206ad31ddde239a50
527fdef4dcd3453f15bc932c77af3aa9716be82565e7fb34178376527fef0637
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
560c51f7d52eb7f7d0ab8b4246e7f9c767b1ad9a7d8b02aefd09eddab83a2a3c
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
5a1920b835fcaed3b2fca1ee1cabc37e2a28036f7050d04e66d10d69a35534a7
5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b
5cb9a7caf90e08afe1af99f3998a36830f3e5748be0cd6278d4543683ec53129
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
66fe91a234bf12d1d3bfdac5b49bd9669525bb5486769f0246fc79a6a93df70f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a86453d40b43cc2b6c1c05e68a69d1bfd324a690ed353845928254395168a16
6abd06ca6855b2c1ee326b090f1acd2b09b9625520bc336f18a0ca091805b096
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5e25d2f74c0641299178addade159556ba9ebbb614e26ae2a67c2285410bc3
6ca6012a65b0fc4e1d333c8f8a2f7c4089e13cc3b0ced4e4c909b675663d579e
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6dfdb3dcf041889201221787e2d829bfbcb2c16ef58f5ef624689302aa0d9462
6ff4c52d2af6ab3b4e6967562a79a5a3ef4c2f92043a23b8a55ad5125ac6aaff
70038b4e44057ef135c02813f11b9a67fd73e9e2f7ddd97c576169531f704821
70335bc5e782d65f0586ac6b8ef5dbc684d248f2431dc65262ed4c8387bc2f82
7118225afa4389897e720dbd6c7e051ae0ca3a02a6f282038a396752efc1803a
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
78087ce5a74feea08ecbe04670f3c52b310df50fb6068ca061df4787097147bf
788716458f3ebb8c72175fbb536313d1c63fe4253b7ffe17b18309d660053bd3
7a3d87d06ea2bcb123ea0326c452e1b9cc438618d5b5d532c99b1d3bf720d96a
7d05900f5e3057d44472fa0c73de38b01e40d0de24f5c6ecba28290e8b01f917
7e170ad1f13066ae14d5ec30429a3be3940778a6dd975094320d240478b65198
7ed0b74a265f1f388ac886c309e2ed816fa91f5b11c71887ff25e31160aa644d
7ee15f832f81926fff08ddd9e9b777047cdcb25238cabb39905e717ff97d3395
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f
866ec5ec415c280ceef46f8fca6e78fb0a3e3fc5f9654c01e134c18a018989c0
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
8928d4579251bfbba084fa9a26fbd220df1f1eb54a44e27d5cee506aec1ed017
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c168be4c6d3fe655e7c5524cd9fcd5cbf4a0a23f4481840b39561ca250f5ef7
8c42593cbeeb3520a5446bd1a3505afd2c4b600bf3644acf99706a9ccd136b47
8c7b1ab183e5e16199a0a8967d252b71902e8273408ed57d6858eb1fabf9965e
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
8d43f2afd20825bd35fc830a2752d475c78bac7caf38ca888266af5936ae04e8
8db951f0a4e285acd1cc82d3b93714a68326469d485955e47e13724b2b58a1e9
8e1fdb077ce4750084871daea443f7db5e10891c0b6262c3bc31be6cd8de0e92
8e25aeec36a1886a746ff6ee9846f8a93f24f30f4182c719f66584b1ee9627c5
9113c8aba03009541936b2156bd65daf7c090f86b2a6978346d300ce87712cb4
923801d97fecf4aa132dfb062d44b8c4757038e16aceb803a373af4a2c82d2ee
938da2edd0413611f031c92120e4339664ff13461abb28d4713a06939764a761
93a8c8101d6f5c8dda35df74d73975a423d27cf01a4ca1939c794f2be446f609
943e399ee5b2f550e101685962d525866d8ce2473cc47d8f718e392126d2e4d5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9819376d0e610916c75df4e1236e634e1c31d0f0a2ea861cd717f83d4eb265cc
998344ab7cab863c6af1d56a302e950606771e476634d15297e8ab66b371b1c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2
a07143d40e4dbc6890e461d985eab15593ba37aa662d060963ab9ce76b233ccd
a093ef19c590c390717a0743b68b3ae832e6a801d31c325cb273eae2408a2bff
a0ea8401ab33b2033782599480d95b9e45826c4bf27d3f9d2fb6723a5b791373
a200de114d432846f05e8d78b8158d883577e7d3f194c505815ba28b6386983c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27a31d2cbfa962fdccb0db1257640f51171b98501f0fe7cf99381929eec42ee
a3ed5869ca71844a2d3c1fda1b1f703c6ca01253045c4f884e73a447890667d8
a478c8ab31224ac8d4e5af2196f661ca27d55b71c9cfb429f825ca6fc1dee94e
a48c06082cb31ddfbd2638a6c5f78faa180a4a3fa355672137b5a6bc0a2d608c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6616a314f5b3069586a85f0c553bf24f1717e168b55b790fe69ca52e4a96520
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7819c64cb4abaf9e6a00cad4bcd80ec76241ac96e709f7ae85c1fbcbdc64c3f
a7dc2ee42f3d2be83f619f97b4272989c7a39c55502888d9250bc1e278f2fabe
a8c419ff0603ffa41a17c9ab73f3a10588bfa4bbd5f9e75feb8eec7fd78dbd8b
aa2208aa582e5d35622541e1d651acc36f40837d1ef65fd581dc031ffd962229
aeae7a4201eef0759aca02a6555c91259b3597c5a517512fb1bd29086760be5a
b0341aa2b26637f24e2643104996111beb5fb458194480df74f5c24ee2fe5204
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b0dc90afe31208b1a7dbf1b54f6db85a7d7a1b6b68b5cf1b9bad6e7429f0f719
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e53744547d3d6b3a8399a0764e4baa3a5dfa50ddca4e9676faa6017545ccda
b2032cc9893f54975ce0116eaf05e77ba80e3c555a1015bd67ce83bbe97e016b
b21c219451df5ab4fdcf66e9106bbeaa4e1167b035a79248167127d7ac53890b
b28121ba48d6aef573b0ab9c0eb73c3d63250b1c98a3b10adb188dba9b41bc5c
b282e38efcf6da08c218496dfe702bdc57694feb8304ec48d022c5a8a7fd4a35
b640745fbcafad5568d185b436f7b094396b41bde381b8902568249e970fbeee
b6a990956c0559ce3119e5167b1f3ce23383ebb8281f4aa66e74385aabb5a4a8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8bcb70d8bc4cb5df38f0bcfc485d581fab8ba56feca667cdfa7c057a624f568
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
ba1eaa4937c5fdc431e6ea3237dc74df59e877d2ad2495ff7380b75b07f60ffe
bade0190d86b508a2ca2d55dbb6657b8804b176455ed9534d8c6319b84b0b883
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc800bccbae470f5a5585c4442be710af68620e83f185fc8e567b64f1eef641a
bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03
befeefbc5911d298c40f271d099f15c108d43103226fd9b3397df9fc46789376
bf120d075610ffee44ca86c8a1cf8bb04d5ccea626469006dfa3487f1b3619bb
c1d677e8dcb3c1d100f159f73a193735452747f1d223e4e585b8e0eb71a29da5
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
c2bc4d55f9e40b0e324502a79443dcbc026639adc7b4c2552160376cf733c119
c307f94c94142e8094ae311b6b9a7faba61069b91dc672132f67a7e76596a27d
c3114a61f0b8a8c410deb9fa4485cca447acfdc780220e875afd062137f7a3cc
c36e99ece9c1ed7b9585bd99b789f301203f1d6af8fd645829055aedffbce7e8
c7eea8daf840b0cddd393b01340c8550fc46b6c23777f4007bce8d78ce949f6f
c814ca188a2de5039a11e505dbcea0632cb9f1a2332e4ece68ac26ac04dfa0bd
ca33eaaf6e5f4e943930a162e36d0efeefaa14b1aaddaf9b258416208b55deb6
cc040dd20b4b22dd9ca908491ae1298bdbcb48ad17bbdc73029a1741b0bee78c
cdd8f285fcbe2205f56837f0474b7a873726fca4b09cbad8d7589b6d74e8c9fc
cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8
d099b0a366ac52985cb242a87dcea74b1493340e8be56ac72b76ba823f3d011e
d70d60cb02044ea018840b8e1cb0cf364696310213d30e47889c73d5d3f675b4
d73ebdc8c04ca18ab091dd2037d638c66e6572c401bc93fd66f6d4e5635ebb04
d76bb30b11a82a9f8a9038935266c3df95175948d4a8fbb8005a978d902fa84e
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d812918a9d3e46c217aeeb6538fb49254936f1fa375f1f81d26f2ba593d15706
db61febe18f0bdf62c8edd7896879292c56b57aa55c11bc455b732be87d85f24
dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de892c1c47ad0c87b7e7f667feca457d4a79f81455cd8ac5221faf47f5fa5391
deb054fc409ce7b87cf5c802d26e0241ef5799e836b28572ea8c7838a48cc134
e09ee9f85f7826f1191f6fd38144eb7ed3d28bbf6a27127af40f4245567899d0
e22da8c05934a721acc491a909e08d5a943d3e45b0189ce72acbf04bc636a185
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e458f8c82e2df08ddc3ef7058ba420a244df4d799fc624bb395d36969941ccfb
e4f986a8353c5a2abd9f7cf9c0fafee05f7c1d8e8f8e5b2696878f85836ca57d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b52537ff5e7bf9d5bca3dc970504d564e9ff4f2452fa9276b2c53e83b09e22
e758f530d6d22acac580926f4d85e40deff4d0688f46cc159bed262f77ea53f5
e7635eabd992c5eb5ee4bd90eeaf3387cd8a5d6eacf0b3f41dadba312ad7b545
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
ed179e4eadae3b2d0cdcb0a71de08f0a0a222e233bf9ffd07195ab00bf3198f4
edd004066786d6cb7bb4bb656d9aa1ab97e029ce72673a83e498bf8bc83fb5ac
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62706fc2e526effcb392237354c44eeb6445468e39fcf8524fad5923ce04e35
f63cabcb5869261342ac88493984878cedeada45bdc44b9c8b6ff43cf12aa675
f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87f54a27defe2fce6522ab62e8eacc8a1c8e18d0210ed61650411f193232803
fd201c200e10f85a1efbee9694fad8eb9358be7d1fa844ebc1b5eb072d802408
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.celebrities.id Open in urlscan Pro 2606:4700:10::6816:21af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

332 Requests

99 %HTTPS

65 %IPv6

36 Domains

58 Subdomains

53 IPs

8 Countries

7524 kBTransfer

13180 kBSize

2 Cookies

17 Outgoing links

Page URL History

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.celebrities.id Open in urlscan Pro
2606:4700:10::6816:21af Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

99 %
HTTPS

65 %
IPv6

36
Domains

58
Subdomains

53
IPs

8
Countries

7524 kB
Transfer

13180 kB
Size

2
Cookies

332 HTTP transactions
5 data transactions