URL: https://162.55.38.158/
Submission Tags: krdtest
Submission: On January 16 via api from JP — Scanned from JP

Summary

This website contacted 45 IPs in 11 countries across 51 domains to perform 98 HTTP transactions. The main IP is 162.55.38.158, located in Germany and belongs to HETZNER-AS, DE. The main domain is 162.55.38.158.
TLS certificate: Issued by R3 on January 16th 2022. Valid for: 3 months.
This is the only time 162.55.38.158 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 162.55.38.158 24940 (HETZNER-AS)
1 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
10 2600:140b:1:4... 20940 (AKAMAI-ASN1)
1 46.105.201.240 16276 (OVH)
1 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
1 172.217.31.162 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 192.99.8.34 16276 (OVH)
1 158.69.139.229 16276 (OVH)
2 51.89.24.69 16276 (OVH)
1 13.249.171.51 16509 (AMAZON-02)
1 65.9.42.53 16509 (AMAZON-02)
1 65.9.42.77 16509 (AMAZON-02)
4 65.9.42.64 16509 (AMAZON-02)
2 4 209.191.163.208 29791 (VOXEL-DOT...)
1 45.55.120.93 14061 (DIGITALOC...)
2 2 51.79.83.225 16276 (OVH)
2 2 3.114.95.219 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 172.217.161.66 15169 (GOOGLE)
1 1 161.202.200.118 36351 (SOFTLAYER)
2 209.191.163.209 14744 (INTERNAP-...)
4 4 54.86.119.171 14618 (AMAZON-AES)
1 2 35.213.12.39 15169 (GOOGLE)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 104.18.102.194 13335 (CLOUDFLAR...)
2 2a03:2880:f05... 32934 (FACEBOOK)
2 2404:6800:400... 15169 (GOOGLE)
2 117.18.237.66 15133 (EDGECAST)
11 52.220.230.137 16509 (AMAZON-02)
1 104.244.42.8 13414 (TWITTER)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.75.146.159 16276 (OVH)
1 103.231.99.78 62713 (AS-PUBMATIC)
1 52.223.40.198 16509 (AMAZON-02)
1 13.225.159.64 16509 (AMAZON-02)
2 2 107.178.244.193 15169 (GOOGLE)
1 1 54.164.126.90 14618 (AMAZON-AES)
2 2 54.229.65.185 16509 (AMAZON-02)
2 2 52.69.231.227 16509 (AMAZON-02)
1 13.78.59.237 8075 (MICROSOFT...)
1 34.213.121.139 16509 (AMAZON-02)
1 69.169.85.6 29838 (AMC)
2 2 2406:da18:5ca... 16509 (AMAZON-02)
6 7 18.177.83.12 16509 (AMAZON-02)
2 2 104.254.148.166 29990 (ASN-APPNEX)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
2 2 50.116.239.150 6336 (TURN-US-ASN)
1 1 52.77.11.198 16509 (AMAZON-02)
1 1 18.141.252.33 ()
3 3 151.101.2.49 54113 (FASTLY)
1 1 199.127.207.184 26120 (RHYTHMONE)
1 3.1.14.27 16509 (AMAZON-02)
1 1 103.229.205.243 30419 (MEDIAMATH...)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 8.39.36.141 26667 (RUBICONPR...)
1 23.10.5.240 20940 (AKAMAI-ASN1)
1 99.83.181.31 ()
98 45
Apex Domain
Subdomains
Transfer
14 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
24 KB
10 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 669
1 MB
10 lif.co.id
au.lif.co.id
119 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
185 KB
7 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 916
4 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
6 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
3 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 512
i6.liadm.com — Cisco Umbrella Rank: 1514
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 21950
data-beacons.s-onetag.com — Cisco Umbrella Rank: 12287
connect-metrics-collector.s-onetag.com
14 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 80
apis.google.com — Cisco Umbrella Rank: 140
www.google.com — Cisco Umbrella Rank: 13
73 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
762 B
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
syndication.twitter.com — Cisco Umbrella Rank: 844
133 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14202
t.dtscout.com — Cisco Umbrella Rank: 11585
9 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
941 B
2 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1698
pm.w55c.net
1 KB
2 amgdgt.com
d4074332597254059878-t2704947981260488835.id.amgdgt.com
d4074332597254059878-t2777005575298416771.id.amgdgt.com
829 B
2 turn.com
d.turn.com — Cisco Umbrella Rank: 880
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
671 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3163
896 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
917 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
84 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
563 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
897 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23037
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
888 B
2 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 41946
914 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14234
s4.histats.com — Cisco Umbrella Rank: 12293
5 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
615 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 689
214 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
647 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
422 B
1 videohub.tv
dt-secure.videohub.tv — Cisco Umbrella Rank: 5499
553 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1497
72 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
338 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 9279
328 B
1 avocet.io
ads.avocet.io — Cisco Umbrella Rank: 5240
204 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 4004
433 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
265 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
166 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 10474
356 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 24712
575 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
599 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 12939
406 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
642 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
0 clrstm.com Failed
sync.tag.clrstm.com Failed
0 survata.com Failed
px.surveywall-api.survata.com Failed
98 51
Domain Requested by
10 i.pinimg.com 162.55.38.158
10 au.lif.co.id 162.55.38.158
au.lif.co.id
7 ps.eyeota.net 6 redirects bcp.crwdcntrl.net
7 sync.crwdcntrl.net bcp.crwdcntrl.net
6 pagead2.googlesyndication.com 162.55.38.158
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
4 i.liadm.com 4 redirects
4 ap.lijit.com 2 redirects 162.55.38.158
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 sync-tm.everesttech.net 3 redirects
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 cm.g.doubleclick.net 2 redirects bcp.crwdcntrl.net
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
2 pixel-sync.sitescout.com 2 redirects
2 d.turn.com 2 redirects
2 ib.adnxs.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dpm.demdex.net 2 redirects
2 ads.avct.cloud 2 redirects
2 pixel.tapad.com 2 redirects
2 platform.twitter.com au.lif.co.id
platform.twitter.com
2 apis.google.com au.lif.co.id
apis.google.com
2 connect.facebook.net au.lif.co.id
connect.facebook.net
2 p.adsymptotic.com 2 redirects
2 x.bidswitch.net 1 redirects 162.55.38.158
2 ce.lijit.com 162.55.38.158
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 t.dtscout.com e.dtscout.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.jp pagead2.googlesyndication.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 d4074332597254059878-t2777005575298416771.id.amgdgt.com 1 redirects
1 tags.bluekai.com bcp.crwdcntrl.net
1 token.rubiconproject.com bcp.crwdcntrl.net
1 sync.mathtag.com 1 redirects
1 cm.adgrx.com bcp.crwdcntrl.net
1 dt-secure.videohub.tv 1 redirects
1 pm.w55c.net 1 redirects
1 i.w55c.net 1 redirects
1 d4074332597254059878-t2704947981260488835.id.amgdgt.com 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 beacon.krxd.net bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 ads.avocet.io 1 redirects
1 audex.userreport.com bcp.crwdcntrl.net
1 match.adsrvr.org bcp.crwdcntrl.net
1 image6.pubmatic.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 a.dtssrv.com e.dtscout.com
1 www.google.com tpc.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 i6.liadm.com 162.55.38.158
1 um.simpli.fi 1 redirects
1 mwzeom.zeotap.com 162.55.38.158
1 spl.zeotap.com 1 redirects
1 t.dtscdn.com e.dtscout.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 s10.histats.com 162.55.38.158
1 fonts.googleapis.com 162.55.38.158
0 sync.tag.clrstm.com Failed bcp.crwdcntrl.net
0 px.surveywall-api.survata.com Failed bcp.crwdcntrl.net
98 69

This site contains links to these domains. Also see Links.

Domain
au.lif.co.id
Subject Issuer Validity Valid
au.lif.co.id
R3
2022-01-16 -
2022-04-16
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
histats.com
R3
2021-10-27 -
2022-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA
2021-10-28 -
2022-11-27
a year crt.sh
*.s-onetag.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.dtscdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-11-04 -
2022-12-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-26 -
2022-01-24
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-24 -
2022-02-22
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-08-01 -
2022-07-31
a year crt.sh
*.rqtrk.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-06-18 -
2022-06-18
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.userreport.com
Amazon
2021-02-18 -
2022-03-19
a year crt.sh
*.cintnetworks.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-04 -
2022-11-04
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-03-08
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-11-24 -
2022-04-26
5 months crt.sh

This page contains 11 frames:

Primary Page: https://162.55.38.158/
Frame ID: F6228C43C2D2BEBA623994DE63818136
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 3923980202C53951629F958E49BECC24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642377111&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377111252&bpp=3&bdt=4462&idt=214&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&correlator=3880942130544&frm=20&pv=2&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LYqWWQfQCY&p=https%3A//162.55.38.158&dtd=244
Frame ID: 566896A6333151EFCA9FC26821194BE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642377111&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377111255&bpp=1&bdt=4465&idt=252&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3880942130544&frm=20&pv=1&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6TbnEiDtRS&p=https%3A//162.55.38.158&dtd=255
Frame ID: 998DA39532E41A4EFC2138471CBAFDEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1642377112&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F162.55.38.158%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377112054&bpp=3&bdt=5264&idt=3&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=3880942130544&frm=20&pv=1&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=23
Frame ID: 482EB85CDB1E357D418438A6D8A52625
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301642377112C926B5D9CE5A4A947C
Frame ID: F39291B4F86BD7877BA82159DAD627DC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2F162.55.38.158
Frame ID: D6BD3A3135E6599B2FC35AA624C775C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEBB91F5A3813D3B51D820249B658701
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD1BA4A34421431E9934F1E72D6810B
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: D05FD61EDD9AFDE7EDB18CE4E8685BA3
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C115%2C106%2C97%2C95%2C94%2C92%2C90%2C80%2C78%2C50%2C49%2C45%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3&c=3825
Frame ID: 47F4789C702D4B1D5F3ED2C0164CF3D6
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

au.lif.co.id | Get today's headlines and news

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

98
Requests

78 %
HTTPS

25 %
IPv6

51
Domains

69
Subdomains

45
IPs

11
Countries

1810 kB
Transfer

3158 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 45
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 48
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301642377112C926B5D9CE5A4A947C HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a952ea485971cb0fb9fd0056da50b36f HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b741533f2b673c14 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b013133f3119&zcluid=b741533f2b673c14&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAWNs7HcP3VklHThQPN-LTY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b013133f3119&zcluid=b741533f2b673c14&zdid=1332
Request Chain 49
  • https://um.simpli.fi/lj_match?r=76596 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=21B2F126724B438A8B291D0094AD78A4
Request Chain 50
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d7c0065068e469656c1e82de HTTP 303
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d7c0065068e469656c1e82de&_li_chk=true&previous_uuid=0f5f05ceff784b9db981c0d28427a8fb HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Request Chain 51
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c HTTP 303
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c&_li_chk=true&previous_uuid=1bacc74e95824c17bfc9a120c94cb56f HTTP 303
  • https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c
Request Chain 52
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=5886ebcfc7f237a5981e7a8c&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=76952 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=5886ebcfc7f237a5981e7a8c&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=76952&_expected_cookie=b788a4158b7d4c946b56840da19f21c3 HTTP 302
  • https://ce.lijit.com/merge?pid=5014&3pid=b788a4158b7d4c946b56840da19f21c3
Request Chain 75
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=c346f7de2d4c9dbb16816df1800f7849&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=c346f7de2d4c9dbb16816df1800f7849&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=c9bbe206-1e1b-4603-8412-01d028a88f60
Request Chain 76
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=cea1f0af-6115-4683-ac93-d739a11503e8
Request Chain 78
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c346f7de2d4c9dbb16816df1800f7849&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=c346f7de2d4c9dbb16816df1800f7849&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=19674803062565313821462425441122427758
Request Chain 83
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=56042d38-03c7-48a8-b736-60947a1650dc
Request Chain 84
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=c346f7de2d4c9dbb16816df1800f7849 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=c346f7de2d4c9dbb16816df1800f7849 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkRGV2xlbV91a0dFeDk3S3NCQ081Vml6alNJcUVoa3AycnM3Y2p4cTZWeWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEHxuxm_sIlZZIAXUJef1wBQ&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D2%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526 HTTP 302
  • https://ps.eyeota.net/match?uid=9150658795992425448&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://d4074332597254059878-t2704947981260488835.id.amgdgt.com/r/telco/tuid/2704947981260488835/duid/4074332597254059878/url/https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D1mpjpn0%26turn_id%3D2704947981260488835%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2704947981260488835&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=GlAOhMqy1N9fjw5&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D5%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?uid=YeSvnQAGKErb5QAm&bid=0rijhbu&dc_rc=5&dc_mr=5&dc_orig=51mdg9u&
Request Chain 85
  • https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
  • https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-8e679f1a0cef090a084d32378f75823f
Request Chain 87
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=2c9361e4-af9d-4700-844c-20ad6ca6fbbd
Request Chain 88
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=660bed99-267a-4513-9736-376040a8717d-61e4af9d-4a50
Request Chain 90
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YeSvnQAGKErb5QAm HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YeSvnQAGKErb5QAm&_test=YeSvnQAGKErb5QAm
Request Chain 93
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c346f7de2d4c9dbb16816df1800f7849/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://d4074332597254059878-t2777005575298416771.id.amgdgt.com/r/telco/tuid/2777005575298416771/duid/4074332597254059878/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3D2777005575298416771 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2777005575298416771

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
162.55.38.158/
28 KB
7 KB
Document
General
Full URL
https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
faefcb02e812eef2b8df207c9359297415ba4258fe4cb9d2002de21598cf9de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Sun, 16 Jan 2022 23:51:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-encoding
gzip
g44l3.css
au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/
78 KB
13 KB
Stylesheet
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/knyubath/g44l3.css
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
4e431b97308b9410e643f34760001835b987e8ceff7a8c4e96b1e2915f1b0a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:53 GMT
server
nginx
etag
W/"6144b86d-139e3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:47 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Jan 2022 23:51:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 16 Jan 2022 23:51:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jan 2022 23:51:46 GMT
g44l3.css
au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/
179 KB
38 KB
Stylesheet
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/k2u1xmc2/g44l3.css
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
8cafaaa832d1a44fcd5bc9ef333879f4bd0c65b26908da587e38bedb7058aea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:53 GMT
server
nginx
etag
W/"6144b86d-2cdf0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:47 GMT
g44l4.js
au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/
117 KB
46 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/cache/wpfc-minified/erpcz7to/g44l4.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
791c8cb7086c4f68eba4d5c772fe7223b51fc9d927c57da9082a7fe32d9aba5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:46:54 GMT
server
nginx
etag
W/"6144b86e-1d5a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e97deb1637c7bbc0681db6672f4e018c330fdeb598c2dc6f24e4c2e89dae92ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51972
x-xss-protection
0
server
cafe
etag
14446205129481247449
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 23:51:51 GMT
aa3c3a5453d531faab26ee3bee55094c.jpg
i.pinimg.com/originals/aa/3c/3a/
201 KB
202 KB
Image
General
Full URL
https://i.pinimg.com/originals/aa/3c/3a/aa3c3a5453d531faab26ee3bee55094c.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe5232670299a2372dd70a4abd1c4bac640d200d34460cd46f138b5afed1d0f7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f3
etag
"6f30611f0837b2e5356fd43767f069b7"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
205870
de00fd06aaa44f61968ef495244445ed.jpg
i.pinimg.com/originals/de/00/fd/
72 KB
72 KB
Image
General
Full URL
https://i.pinimg.com/originals/de/00/fd/de00fd06aaa44f61968ef495244445ed.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5a8b8cfaa2d33ee025e06b28e0f74a387446d420161e0b17315ceb4bdaef79f2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f5
etag
"f3d547203a05fa6bea93552aad86bd8b"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
73680
3705570f85fdf16f7d14bc29f9b23eae.jpg
i.pinimg.com/originals/37/05/57/
99 KB
99 KB
Image
General
Full URL
https://i.pinimg.com/originals/37/05/57/3705570f85fdf16f7d14bc29f9b23eae.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
936e06681b89a3b9aae1a8ec8bdf62e197e5a01fb1c962dff547455495d0eefe

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09fa
etag
"abf22d76815a5df0465268091ce47cfd"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
101192
1eee46774cc7f3690d4dfa2a51ac1599.jpg
i.pinimg.com/originals/1e/ee/46/
155 KB
155 KB
Image
General
Full URL
https://i.pinimg.com/originals/1e/ee/46/1eee46774cc7f3690d4dfa2a51ac1599.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9af4680a9dd588d9c5e4a30598d79a58ef9ecbc08a163d6e6bfa24f14e6c522e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
88
x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f7
x-edgeconnect-midmile-rtt
56
etag
"c8f4c6d0e9565d1d8ed1e73afc72819e"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
158587
8b14222cedf294752d61f4e2c4fc996a.jpg
i.pinimg.com/originals/8b/14/22/
244 KB
244 KB
Image
General
Full URL
https://i.pinimg.com/originals/8b/14/22/8b14222cedf294752d61f4e2c4fc996a.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
885433a1ede80712f74671694bc53a428403f1dcc13e25d9a1ebe44931f9c3ab

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f6
etag
"6a8a2ee91494cb860bab7fa0863163ff"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
249552
c635c1aeba6159d909b86d2e10cfced1.jpg
i.pinimg.com/originals/c6/35/c1/
140 KB
141 KB
Image
General
Full URL
https://i.pinimg.com/originals/c6/35/c1/c635c1aeba6159d909b86d2e10cfced1.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a46535117eafe2df691eaca1b4625026736433b7ed1079a79aba9b755e41db2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f9
etag
"081d6ac94d3798ba364825bb6c53ef1f"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
143668
03f949f209ffb7ba6142fba74d372e8e.jpg
i.pinimg.com/originals/03/f9/49/
105 KB
106 KB
Image
General
Full URL
https://i.pinimg.com/originals/03/f9/49/03f949f209ffb7ba6142fba74d372e8e.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd6dfc139242c02667a86696f5ffc45a35d2f0c9f55890e2ea06c20679ccaca7

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09ec
etag
"fd0b6cf5664c5a370f7fa071b671d235"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
107694
b9fbe3084c470ab823729e64205e2171.jpg
i.pinimg.com/originals/b9/fb/e3/
18 KB
18 KB
Image
General
Full URL
https://i.pinimg.com/originals/b9/fb/e3/b9fbe3084c470ab823729e64205e2171.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d1760320459ed7fb62c0ad79c080dc84ef7d23f8396cdff2a51d9d34db6e9cc

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09ef
etag
"be93770e538cb8890f4e1efc0a5c1a29"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
18726
9d07dc2778bc87d2a4b77f61a4224d20.jpg
i.pinimg.com/736x/9d/07/dc/
33 KB
33 KB
Image
General
Full URL
https://i.pinimg.com/736x/9d/07/dc/9d07dc2778bc87d2a4b77f61a4224d20.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
320421b843e36e6f3fc32b30e09d27e3cbc409acf6c9ae97df1efb791fa8ed10

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09f0
etag
"4ecce5066d318c4ddc8ed94b5f380995"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
34015
a1f1bc8fa46e365d0d63c45d32632e2d.jpg
i.pinimg.com/474x/a1/f1/bc/
25 KB
25 KB
Image
General
Full URL
https://i.pinimg.com/474x/a1/f1/bc/a1f1bc8fa46e365d0d63c45d32632e2d.jpg
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1:4b1::1931 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4cfa05f3e97ea532f92baaf54026389ac88864d2839e98dcd03d6735e196d360

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.af0e0f17.1642377111.1dfc09ed
etag
"5280617e9bec59813d3a1a4c64e6264b"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
25506
zb.js
au.lif.co.id/wp-content/plugins/zerobounce/res/js/
238 B
451 B
Script
General
Full URL
https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
48278256ddcfe26a0ff820c23771028804c3eb712e6329f939993f8b505648d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:49 GMT
last-modified
Mon, 08 Feb 2021 18:15:50 GMT
server
nginx
etag
"60217fd6-ee"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
238
expires
Mon, 17 Jan 2022 11:51:49 GMT
jsscript.min.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
45 KB
14 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/jsscript.min.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
c59450d753faa88015a67dcbe38fc265d60f1c220086bc2fddb6572bd4aa111c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-b3f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:51 GMT
rating.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
1 KB
839 B
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/rating.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
2636d17b8f17ecca666a78942cf022a5301d69c514abbdd242e01e4390d8287d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:51 GMT
custom.main.js
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/
2 KB
1 KB
Script
General
Full URL
https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0276c1ed6244ebd50f0467edb6836ab0673002c37374929442f7b94548f9c90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 22:24:08 GMT
server
nginx
etag
W/"5fdd2c08-747"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:51 GMT
wp-embed.min.js
au.lif.co.id/wp-includes/js/
1 KB
1002 B
Script
General
Full URL
https://au.lif.co.id/wp-includes/js/wp-embed.min.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 23:09:31 GMT
server
nginx
etag
W/"60a6ec2b-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:51 GMT
image.js
au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/
2 KB
893 B
Script
General
Full URL
https://au.lif.co.id/wp-content/plugins/featured-image-from-url/includes/html/js/image.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 15:13:10 GMT
server
nginx
etag
W/"6144b086-8df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Mon, 17 Jan 2022 11:51:51 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:43:12 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
1058177367
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Alight%2Clightitalic%2Cregular%2Cregularitalic%2C600%2C600italic%2Cbold%2Cbolditalic%2C800%2C800italic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://162.55.38.158
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 04:09:08 GMT
x-content-type-options
nosniff
age
416563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 04:09:08 GMT
fontawesome-webfont.woff
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/
0
0

admin-ajax.php
au.lif.co.id/wp-admin/
7 KB
3 KB
Script
General
Full URL
https://au.lif.co.id/wp-admin/admin-ajax.php?action=zbjs&task=getjs&md5=cb27f3b10a6114b9b8c84722545b75c8
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/plugins/zerobounce/res/js/zb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.38.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.38.55.162.clients.your-server.de
Software
nginx /
Resource Hash
85644de7b8a129b7eb64cc67de5e4a44507b969b9b8df4554344f531f6ab108e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:52 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=31536000
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/
278 KB
100 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9bebfca5d416c1d4df54fd99a53d40e971ab9507392a911a43328d1817e4ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102629
x-xss-protection
0
server
cafe
etag
12893140606013064107
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 23:51:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 3923
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Sun, 16 Jan 2022 03:38:25 GMT
expires
Sun, 30 Jan 2022 03:38:25 GMT
cache-control
public, max-age=1209600
age
72806
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
213 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=162.55.38.158&callback=_gfp_s_&client=ca-pub-2549139592322417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f2.1e100.net
Software
cafe /
Resource Hash
4cefa11660e0e9cca6bf7b305c3465c0d9fbae07575a39a88496123266a316ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 16 Jan 2022 23:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5668
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=3873247012&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642377111&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377111252&bpp=3&bdt=4462&idt=214&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&correlator=3880942130544&frm=20&pv=2&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LYqWWQfQCY&p=https%3A//162.55.38.158&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 16 Jan 2022 23:51:51 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 998D
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&h=280&slotname=4377165457&adk=4110568496&adf=1857079971&pi=t.ma~as.4377165457&w=728&fwrn=4&fwrnh=100&lmt=1642377111&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2F162.55.38.158%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377111255&bpp=1&bdt=4465&idt=252&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=3880942130544&frm=20&pv=1&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6TbnEiDtRS&p=https%3A//162.55.38.158&dtd=255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 16 Jan 2022 23:51:51 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0.php
s4.histats.com/stats/
377 B
512 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642377111636&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-175384947&@b3:1642377112&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
edd690a256026c398fdb7253f21319112aee797bfdc13625165353fe67d51870

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:52 GMT
Connection
close
Content-Length
377
Content-Type
text/html;charset=UTF-8
integrator.js
adservice.google.co.jp/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 16 Jan 2022 23:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=162.55.38.158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 16 Jan 2022 23:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 482E
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2549139592322417&output=html&adk=3046330955&adf=2044148826&lmt=1642377112&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F162.55.38.158%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642377112054&bpp=3&bdt=5264&idt=3&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&nras=1&correlator=3880942130544&frm=20&pv=1&ga_vid=747705618.1642377111&ga_sid=1642377111&ga_hid=1495332489&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31064016&oid=2&pvsid=2065433430819181&pem=953&tmod=186&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 16 Jan 2022 23:51:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 16 Jan 2022 23:51:52 GMT
cache-control
private
/
e.dtscout.com/e/
7 KB
8 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4513355&@f16&@g1&@h1&@i1&@j1642377111636&@k0&@l1&@mau.lif.co.id%20%7C%20Get%20today%27s%20headlines%20and%20news&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-175384947&@b3:1642377112&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F162.55.38.158%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6c77404dffe8e3435d4a92e12af88e7e17b1e3c7a43a9b81c25a3c78552d37d8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:52 GMT
X-T
0.589
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl3
Expires
Sun, 16 Jan 2022 23:51:51 GMT
fontawesome-webfont.ttf
au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/fonts/
0
0

/
t.dtscout.com/idg/ Frame F392
1 KB
753 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=4C301642377112C926B5D9CE5A4A947C
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-51-89-24.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3562645737061823d362eb1bde416a7d985669a2e655dd481fcb46b008f63a03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 16 Jan 2022 23:51:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Sun, 16 Jan 2022 23:51:52 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.171.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-171-51.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:14:21 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
85052
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
via
1.1 263337573333cdedec0f11e424dd369c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
NRT12-C3
content-type
text/javascript
x-amz-cf-id
_ecz_y7Mvxa9Guya3msb-UIbjWTTbv9k5bJnWeoUiZKkJClwDZLBag==
/
t.dtscout.com/pv/
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=162.55.38.158&_ss=681q6ti93i&_pv=1&_ls=0&_u1=1&_u3=1&_cc=jp&_pl=d&_cbid=1l9j&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-51-89-24.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e702cc68cc77750b4f24753d1bfd62d36b74ae02c7aa221ca04b01e2dc1d00ef

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:53 GMT
X-T
0.137
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 16 Jan 2022 23:51:52 GMT
/
onetag-geo.s-onetag.com/
535 B
950 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-53.nrt12.r.cloudfront.net
Software
/
Resource Hash
e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:32:36 GMT
via
1.1 ca1bfbfd9295e7865d816048e88d6b34.cloudfront.net (CloudFront), 1.1 16a35f2b2822aee977100c01186bf17c.cloudfront.net (CloudFront)
age
1156
x-amzn-requestid
d208f14c-510c-485b-bd89-11e54cfbf2ae
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
NRT57-C3, NRT12-C5
x-amz-apigw-id
MD-rLHvDCYcFzlQ=
content-length
535
x-amz-cf-id
PnAm-bfPLESgvTgfHI9YHfbjLnCNJtFkPuMefjbsLx4SNBLipQE9Ww==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
836 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-77.nrt12.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:32:36 GMT
content-encoding
gzip
server
restify
age
1157
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://162.55.38.158
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
NRT12-C5
x-amz-cf-id
PlOpeKAcfTTSXVTi0Y06YAQE5c4NYzdWTWKhzmCxyf8IUx6_mWlE0A==
via
1.1 54732db85fb7104550b661299a2972ac.cloudfront.net (CloudFront)
dataBeacons.min.js
data-beacons.s-onetag.com/
6 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:31:37 GMT
server
AmazonS3
age
980
etag
W/"5ff42869b876a4eddafd981cab0b8818"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 929439fc8008e1e199a09db4822463c6.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Sun, 16 Jan 2022 23:35:34 GMT
x-amz-cf-pop
NRT12-C5
x-amz-cf-id
fhxOfzqzpp_RG-Oc0jYyDw4bvjszzpFGccCdoMQtn-ESjCD-aFl5sA==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
461 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5dee20f7dcbb1143f379b760f147862c5bb55532ad0c6c4b9489db6eedf17ef2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 16 Jan 2022 23:51:53 GMT
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
461 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
78bb8b09d1a4c89c77800cfedf2f7b3a83f01eedc208d1e5920c950315968966

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 16 Jan 2022 23:51:53 GMT
Access-Control-Allow-Origin
https://162.55.38.158
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
43 KB
14 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f5fafca53e303f739660340b7354ea21f79ccb6f80aed85f4110c941b6cfc9

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:33:17 GMT
content-encoding
gzip
etag
W/"e8e52baa0cf6ccb764f317323674bacd"
last-modified
Mon, 10 Jan 2022 15:33:32 GMT
server
AmazonS3
age
83917
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 96e29e2d286e9945c6f86b08bdd9beb2.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT12-C5
x-amz-cf-id
iXwqBWTPD3PCtB8m2jRpBUJQs8Lh8zyA9460lbGHHSmX751On5HNkQ==
/
t.dtscdn.com/widget/
0
406 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=4C301642377112C926B5D9CE5A4A947C&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F162.55.38.158%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F162.55.38.158%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:49:12 GMT
X-T
0.92
x-server
web3.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Sun, 16 Jan 2022 23:49:11 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301642377112C926B5D9CE5A4A947C
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a952ea485971cb0fb9fd0056da50b36f
  • https://spl.zeotap.com/?zdid=1332&zcluid=b741533f2b673c14
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b013133f3119&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAWNs7HcP3VklHThQPN-LTY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b01...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAWNs7HcP3VklHThQPN-LTY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b013133f3119&zcluid=b741533f2b673c14&zdid=1332
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://162.55.38.158
access-control-allow-credentials
true
cf-ray
6ceb41270a3a80f3-NRT
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 16 Jan 2022 23:51:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAWNs7HcP3VklHThQPN-LTY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b4b85686-7612-45af-7279-eafd46669e15&reqId=b7e79874-7450-4611-452a-b013133f3119&zcluid=b741533f2b673c14&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=76596
  • https://ce.lijit.com/merge?pid=2&3pid=21B2F126724B438A8B291D0094AD78A4
0
460 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=21B2F126724B438A8B291D0094AD78A4
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jan 2022 23:51:54 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 16 Jan 2022 23:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=21B2F126724B438A8B291D0094AD78A4
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 15 Jan 2022 23:51:54 GMT
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d7c0065068e469656c1e82de
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=d7c0065068e469656c1e82de&_li_chk=true&previous_uuid=0f5f05ceff784b9db981c0d28427a8fb
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date
Sun, 16 Jan 2022 23:51:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
59074
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c&_li_chk=true&previous_uuid=1bacc74e95824c17bfc9a120c94cb56f
  • https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c
43 B
447 B
Image
General
Full URL
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:55 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
8ab5c570997a400f
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=5886ebcfc7f237a5981e7a8c
Date
Sun, 16 Jan 2022 23:51:54 GMT
Connection
keep-alive
trace-id
7afbf604e2abb326
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
merge
ce.lijit.com/
Redirect Chain
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=5886ebcfc7f237a5981e7a8c&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
  • https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=5886ebcfc7f237a5981e7a8c&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
  • https://ce.lijit.com/merge?pid=5014&3pid=b788a4158b7d4c946b56840da19f21c3
0
460 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=5014&3pid=b788a4158b7d4c946b56840da19f21c3
Requested by
Host: 162.55.38.158
URL: https://162.55.38.158/
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jan 2022 23:51:54 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 16 Jan 2022 23:51:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='NON DSP COR CONi OUR BUS CNT'
location
https://ce.lijit.com/merge?pid=5014&3pid=b788a4158b7d4c946b56840da19f21c3
cf-ray
6ceb4122f8fa8a6e-NRT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_fy2019.js?bust=31064016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c6dd66bfafd57ef4e61407adf9ab2eab87745f8f4ab9a037f02be2053025f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 16 Jan 2022 23:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8830
x-xss-protection
0
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f05a:100:face:b00c:0:3 Tai Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e41538e21d4c97d477f6785c2e12c26fa12adb5ef69d19e4fd7c841e8ca89837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
u0MXlvJvIpPYERQBBaxeKA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
FpZS3SAvp5FXZGOaKq+hopd/x8N3C9mwLL3f5hS5bM1wiDl5RWjd9KhCptViOhpIvDq1DxcF1RAzuB0J0cXUMA==
x-fb-trip-id
1679558926
x-fb-content-md5
02b4cf475766cb4e5e24fef5c7c7b057
x-frame-options
DENY
date
Sun, 16 Jan 2022 23:51:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"54bbeb5d534b8c9bb7213e5123e1d3a9"
timing-allow-origin
*
expires
Mon, 17 Jan 2022 00:05:01 GMT
plusone.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/C0qZd+8ui19SdIrJlCfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 23:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"c9f5a685272db812846def3c0d393045"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-/C0qZd+8ui19SdIrJlCfwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 16 Jan 2022 23:51:56 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: au.lif.co.id
URL: https://au.lif.co.id/wp-content/themes/flatsimplebingit/includes/assets/js/custom.main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (tkb/72AA) /
Resource Hash
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://162.55.38.158/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 23:51:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 20:08:29 GMT
Server
ECS (tkb/72AA)
Age
636
Etag
"b607db789ce85f01d2c97329a89acfde+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29153
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-64.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://162.55.38.158/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jan 2022 23:32:40 GMT
content-encoding
gzip
age
1157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 15:33:32 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT12-C5
x-amz-cf-id
kNzAb3dSuIDkFVGQwNVZpDclhSMgLlAlZEG9qivmAXWthvp62ScAmA==
data